
IBM Security QRadar SIEM v7.3.2 P1 - Components (BYOL)

IBM Security | QRadar MH v7.3.2 Patch 1

Linux/Unix, Red Hat Enterprise Linux RHEL-7.5 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star: 0
  • 4 star: 0
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0

External reviews

317 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Management Consulting

Excellent log co-relational tool for enterprise business application security monitoring !!!

  • March 21, 2020
  • Review provided by G2

What do you like best?
Gets quick insight and log intelligence.
What do you dislike?
False positive findings and importing into CSV.
What problems is the product solving and how is that benefiting you?
Cloud application log monitoring and intelligence information about security.


    Computer & Network Security

Presales Team leader

  • March 21, 2020
  • Review provided by G2

What do you like best?
Security information management and event.
What do you dislike?
Nothing, everything is OK but need more practice.
What problems is the product solving and how is that benefiting you?
Enhance the security management
Recommendations to others considering the product:
Thank you, but it needs more marketing in the GCC countries. I'm suggesting to make one event in Kuwait.


    Banking

System analysts

  • March 21, 2020
  • Review provided by G2

What do you like best?
Offense's generation, logs build up. Centralized system for monitoring and management
What do you dislike?
Nothing. But this product takes time to make it stable. Parsing is lingering method.
What problems is the product solving and how is that benefiting you?
Vulnerability scanning, trigger false positive and much more


    Aditya B.

Very easy to use. User friendly

  • March 20, 2020
  • Review provided by G2

What do you like best?
User friendly gui and easy to implement.
What do you dislike?
Nothing as such noted, but as per market more features can be added.
What problems is the product solving and how is that benefiting you?
It provides detailed analysis of user, server, system, and any activity going in the environment. It is beneficial for detecting threats and attacks and helps to prevent them.


    Computer & Network Security

The best SIEM tool!!

  • March 19, 2020
  • Review provided by G2

What do you like best?
QRadar has proven a really competitive product being available as cloud & Automated Intelligence solutions. It has been very effective in the overall security of Data by monitoring the systems, detecting the threats & investigating accordingly. It's a complete solution.
What do you dislike?
The unwanted notifications sometimes. This generates a kind of distraction.
What problems is the product solving and how is that benefiting you?
The real-time threat detection is pretty helpful. I can take quick actions against the threats.
Recommendations to others considering the product:
Absolutely yes!


    Computer & Network Security

Must needed SIEM tool - QRadar

  • March 19, 2020
  • Review provided by G2

What do you like best?
To manage all critical events it is not simple. But IBM QRadar SIEM can help you. We are using IBM QRadar and it's really one of the best SIEM. IBM support makes it very easy to implement QRADAR. The IBM QRadar SIEM accurately detects and prioritizes threats across the enterprise. Collect log events and network flow data from our critical devices, endpoints and applications distributed throughout our network. Quickly identify the top threats and reduce the total alert volume. Helps us to investigate incidents.
What do you dislike?
QRADAR data gateway is only available for QRoC also QRadar Event Collector can't be centrally managed. QRadar is more purpose-built, which means faster time to initial value, but potentially more expensive to extend. UEBA application within QRadar is not complete, the rules are good however, a more detailed list of categorizations per users type is needed in order to have a more accurate risk scores per user sessions.

Vulnerability Scan: The outcome of the missing vulnerability patches are not quite Real-Time, it has a delay of 1 to 3 weeks in relation with the releases done by Microsoft.

SIEM: Is not built for MSSP, even if there are workarounds to it, splitting the licensing for different customers is not advantageous however, for a single environment it works good;
What problems is the product solving and how is that benefiting you?
The complexity of items and analytics that you can extract using this SIEM, basically as long as you have the required logs, you can customize rules, use cases, reports, statistic graphs as per your needs. Very good documentation offered by IBM for this tool.
Recommendations to others considering the product:
QRadar is must needed SIEM tool.


    Dilan R.

IBM QRadar actually working as real Radar. It maximizes our visibility on network.

  • March 19, 2020
  • Review provided by G2

What do you like best?
In my experience, QRadar correlation engine is the best of any SIEM. There are major features:
- Analyzing bulk Data
- Testing new rules
- Re-creating offenses that were lost or purged
- Identifying previously hidden threats
- Historical correlation overview
- Creating historical correlation profile
- Viewing information about historical correlation runs
What do you dislike?
Unsupported for SE (Security Enhanced) Linux - This is mandatory
API integrations with some products - It's good to have support for some custom made applications
What problems is the product solving and how is that benefiting you?
- Log Sources - QRadar supports various range of log sources. Also we can customize and create custom log sources with DSM Editor. (out of the box features on QRadar - IAM, Data Security, Network & Host, IPS ..)
- Easy as just plug and play, Integration with Vulnerability Manager and Risk Manager.
- Security Intelligence abilities - real time analysis, behavior analysis, anomaly detection.
- Threat intelligence feeds are high quality and very accurate. Also Threat intelligence information can be injected from sources like IBM X-Force.
- Built-in Rules, Offences and Reports.
- Low level of false positive.
- Graphical dashboards.
- Good solution for any scale of organization
Recommendations to others considering the product:
Strongly recommended. Because it fulfills 99% of our requirements. This is not an one of SIEM, this SIEM solution is perfect for collecting all logs from devices and endpoints and it maximizes visibility on the network, remove gaps / lapses and lack of monitoring.
Have advanced correlation algorithms, Scalable solution.


    Aviation & Aerospace

The best Cybersecurity Solution that highlights security incidents in Real time

  • March 18, 2020
  • Review provided by G2

What do you like best?
Its ease of highlighting incidents within the tech infrastructure
What do you dislike?
Graphics.
Some competitors are more attractive
What problems is the product solving and how is that benefiting you?
Security monitoring of many It/OT infrastructures
Recommendations to others considering the product:
.


    Mohamed M.

Good for Experts, Bad for beginners

  • March 18, 2020
  • Review provided by G2

What do you like best?
The complexity of items and analytics that you can extract using this SIEM, basically as long as you have the required logs, you can customize rules, use cases, reports, statistic graphs as per your needs;
Very good documentation offered by IBM for this tool.
What do you dislike?
UEBA application within QRadar: Is not complete, the rules are good however, a more detailed list of categorizations per users type is needed in order to have a more accurate risk scores per user sessions.
Vulnerability Scan: The outcome of the missing vulnerability patches are not quite Real-Time, it has a delay of 1 to 3 weeks in relation with the releases done by Microsoft.
SIEM: Is not built for MSSP, even if there are workarounds to it, splitting the licensing for different customers is not advantageous however, for a single environment it works good;
What problems is the product solving and how is that benefiting you?
Offering Cyber Security solutions and services to the required environments; also, a very good tool to monitor the audit performance of the respective domain;
Recommendations to others considering the product:
High knowledge of Computer Networking is a must; Reading the QRadar documentation would help you customize and implement the desired scopes with this tool.


    Computer & Network Security

Powerful SIEM solution

  • March 18, 2020
  • Review provided by G2

What do you like best?
The Multi-tenancy capabilities
X-Force integration
What do you dislike?
The price is reasonable but on the high side compared to the competition
What problems is the product solving and how is that benefiting you?
Our customer regained insight in their complex security environment.
Recommendations to others considering the product:
When you're comparing SIEM solutions take the TCO into account.