
Reviews from AWS customer

6 AWS reviews

External reviews

18 reviews
from

External reviews are not included in the AWS star rating for the product.


5-star reviews

    Mohamed Fouad

Building a proactive SOC has improved threat correlation and deep log investigation

  • December 03, 2025
  • Review from a verified AWS customer

What is our primary use case?

My main use case for IBM Security QRadar is building a SOC with IBM Security QRadar as a SIEM.

I use IBM Security QRadar in my SOC operations as an information security management, security and event management tool, to correlate events and build use cases for incident response.

My main use case helps us to deep dive into the logs and correlate events from many other products like firewalls, endpoints, and also a lot of products.

What is most valuable?

The best features IBM Security QRadar offers include vulnerability management, a powerful integration, and being a stable product. The vulnerability management feature helps to build an asset library for our organization, and with integrations, we can integrate this vulnerability with other ticketing systems to discover new vulnerabilities and build a patch management for it.

IBM Security QRadar has positively impacted my organization by allowing me to get offenses and threats into our organization, helping me to discover the real threats attacking our organization. The real threats that IBM Security QRadar helps us with are provided as offenses, real offenses with real examples that allow us to discover new offenses and assist in closing these offenses.

What needs improvement?

IBM Security QRadar can be improved; perhaps IBM support needs improvement in fast response and also the team response.

For how long have I used the solution?

I have been using IBM Security QRadar for about nine years.

What do I think about the stability of the solution?

IBM Security QRadar is stable.

What do I think about the scalability of the solution?

IBM Security QRadar's scalability is great; you can have a new collector to deploy if you have increased EPS per second.

How are customer service and support?

Customer support for IBM Security QRadar needs improvement.

How would you rate customer service and support?

Negative

Which solution did I use previously and why did I switch?

I have not used a different solution before IBM Security QRadar; this is my first use.

What was our ROI?

I have seen a return on investment; I can share that it includes time saved, money saved, and fewer employees needed.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup cost, and licensing is great compared to the other vendor.

Which other solutions did I evaluate?

I did not evaluate other options before choosing IBM Security QRadar.

What other advice do I have?

IBM Security QRadar is stable and has great support.

I advise others looking into using IBM Security QRadar that it is really helpful for building a SOC and to get a deep dive into your real threats at the earliest time. I have given this product a review rating of 10.


    Muluken Mekonene

An IBM solution that automatically creates asset profiles by using passive flow data and vulnerability data to discover your network servers and hosts

  • July 30, 2024
  • Review provided by PeerSpot

What is our primary use case?

I’m working with the on-prem version of IBM Security QRadar. We initially deployed it with the help of IBM’s professional services for a client, but now we handle deployments ourselves. The process is quite straightforward for us because we gained knowledge from our first implementation and used the available documentation. Deployment takes a couple of hours the first time, including configuration and integration with third-party devices. I usually work with a colleague, so two people handle the deployment. Our environment is well-suited for this, and we’re using it on a virtual appliance. The experience has been smooth and efficient.

We are promoting QRadar to various financial institutions, including banks and microfinances, as a superior option compared to other vendors like Fortinet. While some institutions are using other solutions, we are encouraging them to switch to QRadar for better security.

How has it helped my organization?

We monitor tweets and other activities on the IBM Security QRadar portal. Once, we noticed unusual traffic patterns, like tweets triggering alerts, and we blocked that traffic. We also detected some security issues on the APM through the portal, which was a great experience. As for integration, we’ve successfully integrated QRadar with other security products like Cisco, Fortinet, and Check Point. Initially, we worked with IBM’s professional services to guide us through the integration process, and after that, we were able to follow their steps to integrate third-party devices ourselves.

QRadar has a significant impact on operational costs for clients. For example, we’re recommending QRadar to several banks due to its effectiveness in handling high traffic and preventing scams. The banks we’ve worked with are very satisfied and are encouraging others to deploy QRadar as well.

What is most valuable?

I think QRadar is great overall. We’ve had a positive experience with it and recommend it for deployment. However, there are areas for improvement. The technical support is good, and the documentation is valuable, but it could be enhanced, especially regarding integration with other systems.

In terms of support and updates, QRadar’s capabilities are crucial for maintaining high security standards. Network and software administrators can monitor all traffic effectively, which reassures clients and drives further adoption.

What needs improvement?


For future updates, I'd like to see more advanced threat intelligence features integrated with AI. This would help with analyzing traffic patterns and improving protection. QRadar currently doesn't integrate with AI for threat analysis. However, AI could enhance its capabilities by learning traffic patterns and automatically blocking or quarantining suspicious traffic. This would be especially useful when administrators are not actively monitoring. AI could help by analyzing incoming and outgoing traffic and adjusting policies accordingly.

For how long have I used the solution?

I have been using IBM Security QRadar for the last one year.

What's my experience with pricing, setup cost, and licensing?

As for licensing costs, I haven't seen the exact figures, but it is considered somewhat costly. On a scale from one to ten, where one is very expensive and ten is very cheap, I would rate it a six—it’s costly but worth the money.

What other advice do I have?

Overall, I would rate IBM QRadar as a ten.

