
Reviews from AWS customer

1 AWS reviews
  • 5 star
    0
  • 1
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

20 reviews
from

External reviews are not included in the AWS star rating for the product.


Anto Sebastin

A scalable and easy-to-deploy incident management tool that provides good support

  • July 17, 2023
  • Review provided by PeerSpot

What is our primary use case?

The product is a threat detection and response solution. It is useful for consultants or security analysts. It is an incident management tool.

What is most valuable?

We had enabled federated search. It allows us to search data both on-premises and on the cloud. We can check the functional insights. We use keywords for threat investigation. We use the product mostly for AWS delivery models.

What needs improvement?

Most people handling QRadar in organizations are IT engineers. They do not have experience with the tool. They read from manual documentation. If there is an emergency to search for details about malware, we need a response team’s help. Sophos has a team called Managed Threat Response. The team conducts investigations in our network. This feature is not available in IBM Security QRadar. They only provide technical support. The product does not have a team for investigating malware.

For how long have I used the solution?

I have been using the solution for one year.

What do I think about the stability of the solution?

The tool is stable. SIEM is important for every company. It is needed if any attack occurs.

What do I think about the scalability of the solution?

We deployed the solution for an enterprise business. I rate the scalability of the tool an eight out of ten.

How was the initial setup?

I rate the ease of setup an eight out of ten.

What about the implementation team?

The deployment takes almost half a day. If the environment is good, we can deploy the solution in 25 to 30 minutes. It will be helpful to have people who have knowledge of malware analysis and know specific languages that are relevant to the domain to deploy the tool.

What's my experience with pricing, setup cost, and licensing?

In India, the solution is expensive. Only enterprise businesses can afford the tool. We need more than 3000 people in the organization to use it. We might have to pay for technical support separately.

Which other solutions did I evaluate?

We use Sophos now. Sophos provides us with a team called MTR. The team analyzes the vulnerabilities in our network. We need to pay separately for it. However, compared to us, they have better product knowledge. This kind of support is not available in QRadar. It will be great if IBM adds these features.

What other advice do I have?

I am using the current version of the solution. We do not have a team to analyze malware. Overall, I rate the product a nine out of ten.

Which deployment model are you using for this solution?

On-premises