Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Very expensive for what little it offers
What do you like best about the product?
Integration with QRADAR and some IBM tools
What do you dislike about the product?
We have some bugs due to lack of integrations with Trend Micro solutions. In my opinion, the U.B.A tool is still not 100% complete.
What problems is the product solving and how is that benefiting you?
Enrich events
Soar Qradar Analysis
What do you like best about the product?
Ease of use, an easy interface, and easy implementation
What do you dislike about the product?
The layout looks a bit dated compared with others
What problems is the product solving and how is that benefiting you?
We are automating alerts and taking less time to act, so our incident response becomes faster and more accurate
Siem since the implementation and exploitation of the application
What do you like best about the product?
easy deployment and integration with your collectors
What do you dislike about the product?
When integrating equipment that is not natively registered, parsing is cumbersome.
What problems is the product solving and how is that benefiting you?
Critical equipment alerts and active monitoring, benefiting possible attacks or vulnerabilities to the monitored systems
IBM Security QRadar SOAR
What do you like best about the product?
Seamless integration with security and ticketing tools, makes routine work easy
Very flexible customization options
What do you dislike about the product?
Sometimes, workflows end up in errors and have to restart the workflows
Also experiences lagging/slowness sometimes
What problems is the product solving and how is that benefiting you?
QRadar SOAR is helping us deal with daily routine work of raising incidents based on SIEM tool alerts.
With SOAR workflows, it has become very easy to gather required data and provide this data in very structured format to our clients via tickets, all automated to be simple workflows
Platform is so Good
What do you like best about the product?
Security and Platform from IBM is the important thing I like about QRadar SOAR
What do you dislike about the product?
So far nothing, I have been using the Platform partially
What problems is the product solving and how is that benefiting you?
Providing real-time insights that enhance the detection and remediation of threats.
Qradar - A Complete SIEM Platform
What do you like best about the product?
Qradar is an easy-to-handle tool. Qradar provides a good log or flow search experience. It is easy to handle the offenses as correlation works great and we are able to see any previous offense from the same attacker.
What do you dislike about the product?
There is only one thing I dislike about Qradar: its dashboard experience. Qradar has a very old-fashioned dashboard. They added Pulse for better dashboards but they discontinued it.
What problems is the product solving and how is that benefiting you?
Qradar is a complete SIEM tool platform which provides great correlation of the events so that we can get concrete offenses rather than false positives. Multiple search filters allow us to get data more accurately and precisely. Using its UEBA we can generate offenses related to user or behaviour anomalies.
My experience with Qradar is awesome and I would definitely recommend to everyone
What do you like best about the product?
It detects almost every risk that an endpoint has.
What do you dislike about the product?
Its training materials are a little confusing and hard
What problems is the product solving and how is that benefiting you?
It detects almost every risk a specific endpoint has, and it got me to narrow my defence surface.
QRadar EDR
What do you like best about the product?
I like the Dashboard and the way it presents the overall incident details.
It has the capability to detect the malicious behavior, and it is easy to manage the policies and add exceptions.
What do you dislike about the product?
I feel it's a little bit slow sometimes while opening incident details. I think it can be fixed in future versions.
What problems is the product solving and how is that benefiting you?
It's serving the purpose of AV, and also helps us stay secure from endpoint attacks
It's quite efficient to detect the threats.
Best SIEM tool I've worked with for complex environments
What do you like best about the product?
- AQL language has the same syntax as SQL, making it easy and fast to create fine-grained searches;
- AQL also makes it easy to create Dashboards, really helpful to our clients;
- Rule creation is easy enough to understand and implement;
- Integration with IBM X-Force is fundamental to our operation;
- New UI's visual builder makes it super easy to search for events and flows;
- Easy to set up multiple domains for everyday use in multiple environments;
- IBM's employees provide great support;
What do you dislike about the product?
- New UI (QRadar UI (v2.32.0)) has fewer features than the old one, we can't search for offenses as easily: we can't search for offenses that started on a specific date, only predefined time ranges (hour, 12h, 7d, 30d etc);
- Pulse only allows to edit a dashboard if you're the one who created it. All admins should be allowed to edit them;
- We can't create notes on an offense from the new UI, notes are really helpful;
- Report building is terrible, clumsy and slow, and not a lot of customization;
What problems is the product solving and how is that benefiting you?
QRadar was our SIEM choice for its leading position in the industry, it's easy to set up new Log Sources and its documentation is a great resource, although sometimes difficult to find (like API and AQL docs). We're using it to sell our SOC as a Service solution and all clients are satisfied with the tool.
A must have SIEM tool - IBM Qradar
What do you like best about the product?
Qradar acts as a one-stop solution to manage, correlate and investigate all the network and application events. The product makes it easy to remediate threats while maintaining the bottom line. IBM Qradar offers vast insights into all the activities happening across our network. The tool also enables us to identify the abnormalities in the user behaviour analytics. The ease of implementation and integration with other platforms is a feather in one's cap for Qradar.
What do you dislike about the product?
As an ardent customer of IBM Qradar for the past five years, there is nothing to dislike about the product.
What problems is the product solving and how is that benefiting you?
The tool enables our organization to be more efficient in identifying the abnormalities and act upon them beforehand. IBM Qradar SIEM acts as a one-stop solution for our Security Operations team for everything right from monitoring to acting upon the offense.