Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

IBM Security QRadar Suite Software: SIEM & SOAR

IBM Security | 1

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

23 reviews
from G2

External reviews are not included in the AWS star rating for the product.

    Retail

Very expensive for what little it offers

  • March 28, 2024
  • Review provided by G2

What do you like best about the product?
Best integration with QRADAR and some other IBM tools
What do you dislike about the product?
Have some bugs our lack the integrations with Trend Micro solutions
What problems is the product solving and how is that benefiting you?
Enrich events

    Information Technology and Services

Qradar soar

  • March 26, 2024
  • Review provided by G2

What do you like best about the product?
This is the great tool to automate and respond on the alerts using playbook which help to identify real incidents and triage alerts.
What do you dislike about the product?
Proper knowledge and guidance needed to setup and maintaining playbook
What problems is the product solving and how is that benefiting you?
Major issue that this is solving is reducing mean time response for alert i.e., saving time .

    Consulting

Great automation and response tool

  • February 24, 2024
  • Review provided by G2

What do you like best about the product?
It is a great security tool to streamline security processes and workflows. It has great automation capabilites which reduces manual work for security operations. It also allows to create custome playbooks and also easily integrates with different security platforms.
What do you dislike about the product?
It is bit complex to work on initially and takes time to get used to with all the feautues.
What problems is the product solving and how is that benefiting you?
It helps to streamline security processes and workflows in our organization. It helps to automate security incdents and reduces manual work for security operations. It helps to create custom playbooks which helps to configure as per our security environment.

    Alan P.

Excellent IBM software does everything we need.

  • July 20, 2023
  • Review provided by G2

What do you like best about the product?
It is quite simple to construct a workflow by dragging dropdown boxes and connecting them; the interface provides a fantastic method to view the stages we are developing and allows us to rapidly apply each of them. The biggest advantage is its extensive connectivity library, which allows us to connect to Jira, Lacework, Gsuite, and other providers as needed. The combination of all of these SaaS offerings results in unique commercial capabilities.
What do you dislike about the product?
It rapidly hits its limits when it comes to sophisticated transformations and manipulations, and implementations become quite difficult. I'd like to be able to effortlessly version control all of my tales, hide my secrets, and even edit them with pull requests. I would want to see first-rate integration with a version control system.
What problems is the product solving and how is that benefiting you?
The key issue that he assists the organization with is reducing the amount of time spent on repeated manual operations by utilizing some security measures. We were able to automate several procedures by interacting with numerous tools and incorporating various people from various teams and roles, which increased efficiency and saved time. We mostly use IBM Security QRadar SOAR to test for vulnerabilities; it allows you to analyze the complete event payload and filter and add a lot of relevant information to the Jira ticket. We can use IBM Security QRadar SOAR to swiftly automate processes that are resilient, auditable, and debuggable without having to write any code.

    Alina S.

I'm have working with IBM SOAR since February 2023

  • July 13, 2023
  • Review verified by G2

What do you like best about the product?
I'm have working with IBM SOAR since February 2023. For me helpful is fast automatic reaction
What do you dislike about the product?
I dislike when i need connect application which absent in X-force
What problems is the product solving and how is that benefiting you?
Fast reaction to incident response

    Süleyman A.

my experiences.

  • July 06, 2023
  • Review provided by G2

What do you like best about the product?
units with advanced capabilities to manage and automate security operations.
Some of the features on the appreciation surface are the ability to maintain and analyze security protections, automate incident response business processes and integrate them with various security tools.

It manages to increase the protections of security operations and help respond effectively to threats.
What do you dislike about the product?
While IBM Security QRadar SOAR has many powerful features, it is worth noting that some users may find the platform initially complex to install and configure. Also, depending on an organization's specific needs and requirements, there can be a learning curve involved in understanding and effectively using all the functionality of the platform. It is always a good idea to evaluate different solutions and consider factors such as usability, integration capabilities and overall fit with your organization's security operations
What problems is the product solving and how is that benefiting you?
It meets almost all expectations on the SOC side.

    Muhammad B.

IBM Security QRadar SOAR

  • May 24, 2023
  • Review provided by G2

What do you like best about the product?
IBM Security QRadar SOAR is Security Orchestration, Automation and Response. It is used to generate automatic response against any malicious activity performed overall the infrastructure of any organization. we can create playbooks to automate the process . Like if any user is trying to access a website that is being blocked over the firewall, hence we can block the IP of the user on firewall so he may not access the blocked website.
What do you dislike about the product?
Creating playbooks requires a programming development skill such as one must learn python language so he can easily create playbooks. We can disable active directory user through SOAR against any malicious activity.
What problems is the product solving and how is that benefiting you?
IBM Security QRadar SOAR is used to generate automatic response. So it can be used as incident register and also for incident response through customized build playbooks.

    Computer & Network Security

Strong Cyber Analyze Tool

  • April 18, 2023
  • Review verified by G2

What do you like best about the product?
Strong rules writing and reference sets are very useful
What do you dislike about the product?
Graphical interfaces. Such as filter columns are not dynamic and sorting is not work
What problems is the product solving and how is that benefiting you?
Authorization Problem, Network attacks

    Information Technology and Services

IBM Resilient SOAR Review

  • June 01, 2022
  • Review verified by G2

What do you like best about the product?
Good to use. User friendly, support from IBM
What do you dislike about the product?
Right now it is getting replaced by CP4S. Hence very less integrations out of box.
What problems is the product solving and how is that benefiting you?
SOAR tool, used for consolidating security incidents for better visibilty.
Recommendations to others considering the product:
Old product. Will be getting replaced by IBM CP4S.

    Swapnil R.

Powerful customizable tool but only when it's configured correctly

  • July 23, 2020
  • Review provided by G2

What do you like best about the product?
IBM resilient soar is good platform when we consider automation in process. We have integrated this tool with IBM Qradar. Best part is that it can automate the security incidents directly without human interference. We can do part of automation which we want to automate, their are lots of functionalities in this tool itself. Incidents can be created automatically or manually. We can integrate the other API also. This tool helps in saving the time and meeting the SLA.
What do you dislike about the product?
This tool is best when all the configuration is done correctly otherwise you will face number of small problems. It's a powerful but it needs time for proper setup. As we have integrated resilient with Qradar, when we do some changes in Qradar, resilient stops working because of some error. This happens frequently. So we have to fix this number of times. Sometimes Qradar data tables not generate in resilient so that creation of incidents stops for a while.
What problems is the product solving and how is that benefiting you?
Sometimes resilient fails to fetch data from Qradar which stops the incident creation. This problem we are solving with the resilient.
Recommendations to others considering the product:
Resilient is best automation tool for the quick generation of incidents. It helps in creation of major and critical incidents generation within SLA. But we cannot compare it with human analysis and investigation. It helps only generation of incidents with some details. After that analyst have to do actual investigation for the case.

showing 1 - 10