Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Best dashboard reporting by the timeline status
What do you like best about the product?
I have used a lot of incident response platform tools over the years called Consumer call management and many more, but this one has infrastructure integration with directory, endpoint and network controls and also easy collaboration of email and web forms, which makes it stand out, and I could drill down by incident timeline status and type order and also dashboard reports, which is quite easier.
What do you dislike about the product?
Sometimes the incident escalation ticket requests and follow-up are out of sync, and threat intelligence for DDoS attacks is not perfect since they don't track them ideally step by step and I have to redefine the process to find them.
What problems is the product solving and how is that benefiting you?
Mainly with dynamic request to incident adaptations and gives suggestive action which is really ideal being an end user and the special customer service ticketing platform gives a lot of edge for all SIEM & IRP requests
Recommendations to others considering the product:
Tap the finest potential of it and also explore the nuances of what it has to offer
Undecided
What do you like best about the product?
Nothing particular. Layout is similar to other SIEM applications.
What do you dislike about the product?
Searching is not intuitive. Quick filter doesn't offer any tips or command/syntax help.
What problems is the product solving and how is that benefiting you?
We haven't identified business problems to solve yet.
QRadar Review - Rick Jesse
What do you like best about the product?
Ease of use. The ability to quickly find information. Rules are fairly straightforward to create and/or edit.
What do you dislike about the product?
Auto detecting log sources is sometimes inaccurate, leading to duplicate and sometimes triplicate log sources. DSMs have a lot of issues with parsing for certain log sources, and there is a lack of some common DSMs. Specific reports can be difficult to create; the time series reports specifically give us the most issues.
What problems is the product solving and how is that benefiting you?
We are using QRadar as both a logger and SIEM. Detecting and Alerting of malicious activity has been the biggest benefit.
QRadar Newbie.
What do you like best about the product?
I like the discussed interoperability between QRadar and other data sources that can be used as feeds or a database. I also like that it can be tailored to any environment with not too much effort if the environment is mature.
What do you dislike about the product?
We have run into a timestamp issue whereby QRadar timestamps an event when it receives the data and creates an alert based on that timestamp vs when the event actually happened on the Network.
What problems is the product solving and how is that benefiting you?
We are implementing QRadar to better consolidate and cross correlate data to one console.
Recommendations to others considering the product:
Have a mature environment that is well documented, a well organized process flow for Security as a whole and well defined roles and responsibilities. It's always good to have done your homework on any product as it relates to your environment so as to have the ability to identify any gaps in either process flow or data sources availability/use in QRadar.
Incident Mgmt system review
What do you like best about the product?
The capability of orchestrating and automating incident response processes
What do you dislike about the product?
Would be better if integration is simplified and optimized as other tools like sniffer network incidents can integrate to IBM Resilient tool.
What problems is the product solving and how is that benefiting you?
Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments.
Overall Quality of product is excellent and helps improve business goals and objectives
Recommendations to others considering the product:
Recommend prospects to try out Resilient IRP quickly with organization’s existing security and IT investments.
IBM QRadar
What do you like best about the product?
Honestly the best thing about IBM QRadar is the support. It's a very complex tool and can be very daunting to newer admins. But an email here or there or a ticket can get almost any question possible answered in a friendly and professional manner.
What do you dislike about the product?
It's a very complex tool and can be daunting for new admins not familiar with it. Depending on the situation there can be a bit of a steep learning curve.
What problems is the product solving and how is that benefiting you?
Security visibility
Recommendations to others considering the product:
Try the new free 50 eps version of QRadar to test it in a small environment.
Glad to be using QRadar
What do you like best about the product?
The ease of searching through massive amounts of data
What do you dislike about the product?
Not easy to deploy log sources, especially WinCollect; we have never been able to get auto log source creation to work correctly.
What problems is the product solving and how is that benefiting you?
Compliance and security monitoring
Good tool
What do you like best about the product?
It helps find and apply info easily. It's one of the best tools been used.
What do you dislike about the product?
There is nothing in particular that is disliked about this
What problems is the product solving and how is that benefiting you?
Notable benefits are there; it helps in interacting, conveying, problem solving.