Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

IBM Security QRadar Suite Software: SIEM & SOAR

IBM Security | 1

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

28 reviews
from G2

External reviews are not included in the AWS star rating for the product.

    Süleyman A.

my experiences.

  • July 06, 2023
  • Review provided by G2

What do you like best about the product?
units with advanced capabilities to manage and automate security operations.
Some of the features on the appreciation surface are the ability to maintain and analyze security protections, automate incident response business processes and integrate them with various security tools.

It manages to increase the protections of security operations and help respond effectively to threats.
What do you dislike about the product?
While IBM Security QRadar SOAR has many powerful features, it is worth noting that some users may find the platform initially complex to install and configure. Also, depending on an organization's specific needs and requirements, there can be a learning curve involved in understanding and effectively using all the functionality of the platform. It is always a good idea to evaluate different solutions and consider factors such as usability, integration capabilities and overall fit with your organization's security operations
What problems is the product solving and how is that benefiting you?
It meets almost all expectations on the SOC side.

    Muhammad B.

IBM Security QRadar SOAR

  • May 24, 2023
  • Review provided by G2

What do you like best about the product?
IBM Security QRadar SOAR is Security Orchestration, Automation and Response. It is used to generate automatic response against any malicious activity performed overall the infrastructure of any organization. we can create playbooks to automate the process . Like if any user is trying to access a website that is being blocked over the firewall, hence we can block the IP of the user on firewall so he may not access the blocked website.
What do you dislike about the product?
Creating playbooks requires a programming development skill such as one must learn python language so he can easily create playbooks. We can disable active directory user through SOAR against any malicious activity.
What problems is the product solving and how is that benefiting you?
IBM Security QRadar SOAR is used to generate automatic response. So it can be used as incident register and also for incident response through customized build playbooks.

    Computer & Network Security

Strong Cyber Analyze Tool

  • April 18, 2023
  • Review verified by G2

What do you like best about the product?
Strong rules writing and reference sets are very useful
What do you dislike about the product?
Graphical interfaces. Such as filter columns are not dynamic and sorting is not work
What problems is the product solving and how is that benefiting you?
Authorization Problem, Network attacks

    Information Technology and Services

IBM Resilient SOAR Review

  • June 01, 2022
  • Review verified by G2

What do you like best about the product?
Good to use. User friendly, support from IBM
What do you dislike about the product?
Right now it is getting replaced by CP4S. Hence very less integrations out of box.
What problems is the product solving and how is that benefiting you?
SOAR tool, used for consolidating security incidents for better visibilty.
Recommendations to others considering the product:
Old product. Will be getting replaced by IBM CP4S.

    Swapnil R.

Powerful customizable tool but only when it's configured correctly

  • July 23, 2020
  • Review provided by G2

What do you like best about the product?
IBM resilient soar is good platform when we consider automation in process. We have integrated this tool with IBM Qradar. Best part is that it can automate the security incidents directly without human interference. We can do part of automation which we want to automate, their are lots of functionalities in this tool itself. Incidents can be created automatically or manually. We can integrate the other API also. This tool helps in saving the time and meeting the SLA.
What do you dislike about the product?
This tool is best when all the configuration is done correctly otherwise you will face number of small problems. It's a powerful but it needs time for proper setup. As we have integrated resilient with Qradar, when we do some changes in Qradar, resilient stops working because of some error. This happens frequently. So we have to fix this number of times. Sometimes Qradar data tables not generate in resilient so that creation of incidents stops for a while.
What problems is the product solving and how is that benefiting you?
Sometimes resilient fails to fetch data from Qradar which stops the incident creation. This problem we are solving with the resilient.
Recommendations to others considering the product:
Resilient is best automation tool for the quick generation of incidents. It helps in creation of major and critical incidents generation within SLA. But we cannot compare it with human analysis and investigation. It helps only generation of incidents with some details. After that analyst have to do actual investigation for the case.

    Information Technology and Services

Best Security Orchestration, Automation & Response Tool on the Market!

  • May 02, 2020
  • Review verified by G2

What do you like best about the product?
We recently built a Resilient solution in the IBM cloud. The Resilient tool is being used to demonstrate capabilities and train our internal personnel for the internal production SOAR deployment too. The set up was easy and within just a couple days we were already realizing the value of Resilient.
What do you dislike about the product?
I wish there was more guidance for the use of the Resilient SOAR tool. The documentation is lacking is some areas and is rudimentary. We need more guidance around how to set up playbooks, use of functions and workflows, how integrations can be further developed. There is a heavy reliance on GitHub and community development that can be difficult to find, validate and implement if inexperienced with the tool.
What problems is the product solving and how is that benefiting you?
We immediately realized time savings benefits for SOC analysts. The threat intelligence was easy to set up and showed value very quickly.

    Utilities

Excellent and Powerful SOAR Platform

  • November 23, 2019
  • Review provided by G2

What do you like best about the product?
IBM Security Resilient is a very powerful platform because of the openness of Python and architecture of the product. Resilient makes it easy to develop custom integrations, on top of the 150+ they already have pre-built. The Community is helpful and growing each day. It's easy to get support for the product from the official IBM Support portal as well. Resilient is very configurable and can be used to do about anything in the SOAR realm. Great product overall, and I continue to see it getting better and being built up.
What do you dislike about the product?
Integrations are a bit lackluster in some cases, and often require tailoring to suite needs better.

Resilient is powerful, but this means that it requires time be dedicated to building it out, it's not a quick and easy job necessarily due to its current architecture.
What problems is the product solving and how is that benefiting you?
Major FTE productivity gains were realized with Resilient, saving analysts 20-30 minutes per hour of doing tedious or manual work.

Resilient also organizes incident response and makes it easier to report information to leadership.
Recommendations to others considering the product:
Great platform. I definitely recommend IBM Resilient, and especially if you have time and some Python programming resources to put into the product (hire an intern!).

    Defense & Space

Resilient experience feedback

  • November 02, 2019
  • Review verified by G2

What do you like best about the product?
Process Oriented ! Product allow to build and use dynamic workflow with very useful. Resilient is very powerful from the user interface to the integration of functions in a BMMN like view. Products integrate a privacy module (have to pay) wich is very helpful too for internationals company and for the DPO.
What do you dislike about the product?
From the action / circuits part (function implementations) you have to download what you need and implement it on your own, you don't to select it directly from the product. Maybe some improvement to do on reporting scheduling.
What problems is the product solving and how is that benefiting you?
Very usefull for incident response, and most of all, to get orchestration and fast answer for the analyst with SI integrations. In the point of Management (dashboard/report) and for the analyst, user. For DevSecOps the API is well documented.

    Information Technology and Services

Great response system

  • September 16, 2018
  • Review provided by G2

What do you like best about the product?
It makes integration very easy with real time dashboard.
What do you dislike about the product?
There nothing that I dislike about this system.
What problems is the product solving and how is that benefiting you?
It has made decision making very effective as it guides the time through best responses.

    Tehani d.

Wonderful

  • July 26, 2018
  • Review provided by G2

What do you like best about the product?
Easy to navigate, no experience needed!
What do you dislike about the product?
Nothing that I can think of it’s a very well rounded project.
What problems is the product solving and how is that benefiting you?
I benefit in learning a new softaware that enables me to work at a quicker and steadier pace.

showing 11 - 20