IBM Security QRadar SIEM v7.3.2 P1 - Console (BYOL)
IBM Security | QRadar Console v7.3.2 Patch 1 | Linux/Unix, Red Hat Enterprise Linux RHEL-7.5 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
External reviews

External reviews are not included in the AWS star rating for the product.
Qradar experience in last 4 years
What do you like best about the product?
The tool itself is pretty user-friendly, to begin with, on top of that, it is easily malleable, scalable and overall a good SIEM tool to get the results one would want.
What do you dislike about the product?
DSM guide needs to be expanded for more tools and integrations and parsing steps need to be automated.
What problems is the product solving and how is that benefiting you?
As the SIEM itself is providing us the logs from all the devices, making it easy for us to get the results we want and come to a conclusion regarding identification of an incident, and which category it falls in.
Recommendations to others considering the product:
If you are looking to integrate a SIEM, I would suggest that this is the tool you'd wanna begin with
I have been working on QRadar SIEM for 3 years and it was great to work on QRadar SIEM
What do you like best about the product?
Security and capabilities of use case creation
What do you dislike about the product?
GUI is slow many times
And the cost of deployment is high compared to competitors
What problems is the product solving and how is that benefiting you?
Log visibility is very easy, QDI makes health status visible
Recommendations to others considering the product:
It's a good SIEM to begin with and is easy to deploy and scale further.
A good product to begin with
What do you like best about the product?
The thing I like the best about Qradar is user friendliness.
It's easy to use, pretty malleable and efficient.
On top of it, it can handle any kind of logs and give us appropriate results.
What do you dislike about the product?
The biggest gripe with QRadar is data ingest is super cumbersome and unnecessarily complicated. Hardware requirements are also expensive with Qradar to begin with.
What problems is the product solving and how is that benefiting you?
It's providing us the logs from all the security devices, helping us in analysing them and preventing security breaches by means of Incident Response and Threat Hunting.
Recommendations to others considering the product:
IBM Qradar is just the tool you need, and you would need.
It's easy to use, and scalable.
One of the best SIEM Tool
What do you like best about the product?
Report creation, alerts and log monitoring
What do you dislike about the product?
Too much manual work. GUI seems lagging.
What problems is the product solving and how is that benefiting you?
Real-time log monitoring, report generation. It helps to keep an eye on the environment for any malicious activity.
Recommendations to others considering the product:
One of the best SIEM Tools out there. Easy to use
QRadar review
What do you like best about the product?
The thing I like the most about QRadar is we can customise everything according to ourselves.
What do you dislike about the product?
As the QRadar on which I am working is deployed on cloud, it gets slow when multiple instances are opened.
What problems is the product solving and how is that benefiting you?
Whenever something malicious is happening in our environment we get the alerts for that if someone is communicating with malicious IP, some malicious hash is captured on EDR.
Easy to understand
What do you like best about the product?
Fetching logs for investigation and analysis
What do you dislike about the product?
Use case creation conditions formatting, loading of data and putting conditions
What problems is the product solving and how is that benefiting you?
Holistic view of events
Recommendations to others considering the product:
Easy to set up and onboard devices
One of the best SIEM tools in the market.
What do you like best about the product?
Multi ways deployment for smallest to largest organization. Offenses and logs handling. Reports generation
What do you dislike about the product?
Too many manual tasks. UI is a bit lagging.
What problems is the product solving and how is that benefiting you?
Real time monitoring keeps tabs on what is happening in our environment at one place rather than checking each and every log source.
Recommendations to others considering the product:
Best SIEM Tool in market and affordable.
IBM Security QRadar
What do you like best about the product?
IBM Security QRadar is an SIEM tool by which we can monitor all the alerts generated by the tool. It is a centralized log collector of every security.
What do you dislike about the product?
We need to install an event collector at every place by which we can send logs to the QRadar.
What problems is the product solving and how is that benefiting you?
We can analyze logs generated by security tools like firewalls, Switch, Email Security, DNS security etc.; accordingly, we can take action.
Recommendations to others considering the product:
QRadar is a monitor tool basically for the SOC team to monitor all the logs generated by the security tool. Every industry needs an SIEM tool to have visibility to the entire organization.
One of the best SIEM tools
What do you like best about the product?
QRadar is one of the great tools for SIEM, if you want to monitor real-time logs and also prevent any cyber attacks. Their customer service is great in the industry; if you want to upgrade QRadar to the latest version and you get stuck in between, you can connect with their team and they will help you to do that.
What do you dislike about the product?
None. Everything is perfect from my point of view.
What problems is the product solving and how is that benefiting you?
Cyber attacks, helping to do threat hunting activity, real-time monitoring, true positive and false positive
An SIEM with great UI, more flexible log management and explicit security use case creation process.
What do you like best about the product?
- I have worked on various SIEM technologies. IBM QRadar is one of them. One thing I liked the most about it is that it has a great UI which makes it very easy to understand all functionalities.
- IBM Qradar supports multiple types of log sources and devices that give us flexibility in integrating all kinds of necessary logs.
- It has a very easy way to manage and process Threat Intelligence.
- OEM support is great.
- Great features such as UBA and Operations App for monitoring suspicious user activities and their impact on the system. Threat Intelligence App for fetching TI feeds, Usecase manager app to optimally configure rules for enhancing the detection mechanism and MITRE ATT&CK mapping.
What do you dislike about the product?
- Many times the search queries fail while fetching logs even for one week. Then we need to fetch logs by segregating the search for 3-3 days. That takes more time.
- Faced data parsing issues sometimes.
What problems is the product solving and how is that benefiting you?
- Qradar with SOAR integration automates many incident response processes such as Phishing Email investigation, Blocking of IOCs, and Responding to common malware alerts. This has helped to reduce the overall workload.
Recommendations to others considering the product:
- Overall IBM Qradar is a very well-organized platform and the support from the OEM is great. This tool will always be my first recommendation for any kind of small to large security operations centre management.