
IBM Security QRadar SIEM v7.3.2 P1 - Components (BYOL)

IBM Security | QRadar MH v7.3.2 Patch 1

Linux/Unix, Red Hat Enterprise Linux RHEL-7.5 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews

External reviews

312 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Khaled M.

Powerful Tool for Security Monitoring and Analysis

  • June 04, 2022
  • Review verified by G2

What do you like best?
Threat intelligence is a powerful tool. The use case manager helps to analyze active rules and events. Also helps to understand why offense triggers. AQL helps to find the logs easily. I like the app's pulse. Very powerful apps. Get an overview of the whole network at a glance.
What do you dislike?
Every feature is useful. The use case manager helps to tune the rule. Also, MITRE ATT&CK helps to use APT. The concept of reference set needs to be described more easily. Continuous flows make the processor slow. Facing problems in getting the TAXII feed.
What problems is the product solving and how is that benefiting you?
Find the vulnerability of our servers. Also aware of the malicious IPs using x-force exchange. The use case manager helps to fine-tune the rules. UBA helps to find out unusual activity of users. Reference Set helps to find malicious IPs like cryptocurrency mining, botnet etc.
Recommendations to others considering the product:
Great product for threat detection and recommended support from support Forum.


    Information Technology and Services

It is a well organised tool to enhance security operations

  • June 03, 2022
  • Review provided by G2

What do you like best?
Log collection and streamlining them with which our team uses to make a decision
What do you dislike?
Maybe the GUI could be better... it has been ages to be intuitive and creative with it
What problems is the product solving and how is that benefiting you?
Definitely the security team is at the best place while having insights and updates mainly with ever growing attack surfaces. I can vouch for the tool and have it your way.


    Ganesh S.

It was good

  • June 02, 2022
  • Review provided by G2

What do you like best?
The content of the course is good. It has good practical hands-on exercises that help to understand and grasp the concepts.
What do you dislike?
The content could have had more sessions on analysis of alerts.
What problems is the product solving and how is that benefiting you?
I started off with QRadar architecture. But it had more in-depth concepts and made us understand the core concepts of QRadar.
Recommendations to others considering the product:
IBM QRadar had an edge on other SIEM tools. It is very user friendly and anyone can learn so easily.


    Ravi G.

It is a good tool for monitoring the alerts for all the security applications.

  • June 02, 2022
  • Review provided by G2

What do you like best?
It integrates with any one of the security tools and gives proper logs in the offense, which makes analysis simple.
What do you dislike?
Sometimes, it doesn't work for automation of the report which is scheduled on the Application.
What problems is the product solving and how is that benefiting you?
IBM Security vendor is very helpful for any circumstances of the alerts.


    Financial Services

Very good product but lack support

  • June 01, 2022
  • Review provided by G2

What do you like best?
Easy to use and understand for new analysts.

No steep learning curve.

Easy to integrate multiple log sources using multiple protocols.
What do you dislike?
Lack of quality support is a major concern.

Regex and property extraction can be a headache sometimes.

Kasper integration is a pain.
What problems is the product solving and how is that benefiting you?
Single tool to investigate any incident in depth without the need of jumping between tools to join pieces of puzzle regarding investigation.


    Computer & Network Security

IBM QRADAR REVIEW

  • June 01, 2022
  • Review provided by G2

What do you like best?
Log Ingestion
Use cases creation
Enrichment
What do you dislike?
Troubleshooting issues
Bugs
App slowness
What problems is the product solving and how is that benefiting you?
Advance threat detection
User entity Behaviour analytics
Soar
Huge data storage
Data processing speed.


    Ashwin V.

Review of IBM QRadar

  • May 31, 2022
  • Review verified by G2

What do you like best?
User Friendliness and ease of use than other products.
What do you dislike?
Few bugs for autodiscovery of log source
What problems is the product solving and how is that benefiting you?
Provides the market's best SIEM solution which can be integrated with most technologies. Readily available use cases backed by IBM
Recommendations to others considering the product:
NA


    Computer & Network Security

A Great SIEM Solution

  • May 31, 2022
  • Review verified by G2

What do you like best?
QRadar offers a lot of different applications that enrich the alerts received from the rules defined. It allows integrations with threat intelligence sources such as X-Force.
What do you dislike?
I think that the deployment and maintenance of QRadar is sometimes a bit demanding.
This translates to quite intensive support from integrators (even though we have a very good understanding in QRadar's system administration).
What problems is the product solving and how is that benefiting you?
Allows log collection, parsing and eventually monitoring (based on rules we define).
There are also a lot of out-of-the-box rules and parsing mechanisms existing for many
Recommendations to others considering the product:
I really recommend the product. Just keep in mind that it is not SaaS and has infrastructure cost implications.


    Security and Investigations

Security Analyst & Admin

  • May 30, 2022
  • Review provided by G2

What do you like best?
QRadar is user-friendly and easy to use.
What do you dislike?
Log retention period.
Restoration
Down-time activity
Version upgradation
What problems is the product solving and how is that benefiting you?
All functionality is easy to find.
Faster than other SIEM tool
Multi-Language
Threat intelligence website Plugins are available.
Dig-down of any data is easy (IP, Hostname, UserID)
New Watchlist, rule creation, Health checkups and data extraction are so smooth and easy.
Nontechnical candidates can learn quickly.
Recommendations to others considering the product:
Learn log analysis and admin tasks. It will be fun while using QRadar.


    Mokshi K.

Loved the tool.

  • May 30, 2022
  • Review provided by G2

What do you like best?
Very helpful for DFIR. Really helped in going in depth for analyzing the digital forensics part.
What do you dislike?
Nothing as of now. Currently practicing it.
What problems is the product solving and how is that benefiting you?
Everything is benefiting me.