IBM Security QRadar SIEM v7.3.2 P1 - Components (BYOL)
IBM Security | QRadar MH v7.3.2 Patch 1 | Linux/Unix, Red Hat Enterprise Linux RHEL-7.5 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
External reviews

External reviews are not included in the AWS star rating for the product.
Very good product but lack support
What do you like best?
Easy to use and understand for new analysts.
No steep learning curve.
Easy to integrate multiple log sources using multiple protocols.
What do you dislike?
Lack of quality support is a major concern.
Regex and property extraction can be a headache sometimes.
Kasper integration is a pain.
What problems is the product solving and how is that benefiting you?
Single tool to investigate any incident in depth without the need of jumping between tools to join pieces of puzzle regarding investigation.
IBM QRADAR REVIEW
What do you like best?
Log Ingestion
Use cases creation
Enrichment
What do you dislike?
Troubleshooting issues
Bugs
App slowness
What problems is the product solving and how is that benefiting you?
Advanced threat detection
User entity behaviour analytics
SOAR
Huge data storage
Data processing speed.
Review of IBM QRadar
What do you like best?
User Friendliness and ease of use than other products.
What do you dislike?
Few bugs for autodiscovery of log source
What problems is the product solving and how is that benefiting you?
Provides the market's best SIEM solution which can be integrated with most technologies. Readily available use cases backed by IBM
Recommendations to others considering the product:
NA
A Great SIEM Solution
What do you like best?
QRadar offers a lot of different applications that enrich the alerts received from the rules defined. It allows integrations with threat intelligence sources such as X-Force.
What do you dislike?
I think that the deployment and maintenance of QRadar is sometimes a bit demanding.
This translates to quite intensive support from integrators (even though we have a very good understanding of QRadar's system administration).
What problems is the product solving and how is that benefiting you?
Allows log collection, parsing and eventually monitoring (based on rules we define).
There are also a lot of out-of-the-box rules and parsing mechanisms existing for many
Recommendations to others considering the product:
I really recommend the product. Just keep in mind that it is not SaaS and has infrastructure cost implications.
Security Analyst & Admin
What do you like best?
QRadar is user-friendly and easy to use.
What do you dislike?
Log retention period.
Restoration
Down-time activity
Version upgradation
What problems is the product solving and how is that benefiting you?
All functionality is easy to find.
Faster than other SIEM tools
Multi-Language
Threat intelligence website Plugins are available.
Dig-down of any data is easy (IP, Hostname, UserID)
New Watchlist, rule creation, Health checkups and data extraction are so smooth and easy.
Nontechnical candidates can learn quickly.
Recommendations to others considering the product:
Learn log analysis and admin tasks. It will be fun while using QRadar.
Loved the tool.
What do you like best?
Very helpful for DFIR. Really helped in going in depth for analyzing the digital forensics part.
What do you dislike?
Nothing as of now. Currently practicing it.
What problems is the product solving and how is that benefiting you?
Everything is benefiting me.
SIEM
What do you like best?
SIEM product is the best and I am using it
What do you dislike?
DSM feature needs to be a bit tricky can be improved
What problems is the product solving and how is that benefiting you?
Security events and correlation engine
One of the best SIEM Tools in the market
What do you like best?
Device Support Module, Correlation Engine, Offense Chaining, easy integrations with ticketing tools and most of the threat Intel platforms
What do you dislike?
The user interface and product support could be better
What problems is the product solving and how is that benefiting you?
Cybersecurity breach analysis, reduce the time between detection and response.
Recommendations to others considering the product:
Best SIEM tools I have ever used.
A decent SIEM solution
What do you like best?
*we use around 1500 EPS*
The SIEM offers an impressive parse logging ability.
What do you dislike?
In general I think that the integrations offered by QRadar are not being kept up to date (Sometimes some integrations that I think are pretty standard just don't exist).
In addition I think that the system itself demands tons of resources and can be quite expensive in terms of infrastructure.
What problems is the product solving and how is that benefiting you?
It helps us monitor applications and environments that do not have out-of-the-box alerts such as CSPs, server logging (syslog level).
QRadar
What do you like best?
Single window into your network and risks of the assets.
What do you dislike?
Legacy Ticketing system..but older one..
What problems is the product solving and how is that benefiting you?
Granular log and root cause analysis