IBM Security QRadar SIEM v7.3.2 P1 - Managed Host (BYOL)
IBM Security | QRadar MH v7.3.2 Patch 1 | Linux/Unix, Red Hat Enterprise Linux RHEL-7.5 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
External reviews

External reviews are not included in the AWS star rating for the product.
Powerful and flexible SIEM tool
What do you like best about the product?
IBM Security QRadar SIEM has helped the organization with visibility and protection thanks to its incredible event correlation function and its ability to integrate with other tools.
The ability to receive large quantities of events simultaneously and correlate all the logs, turning them into alerts, has helped with the creation of offenses for later analysis by the SOC team and handling of the alert.
It is an extremely intuitive tool with great flexibility for creating alerts. It is also simple to make adjustments to create exceptions in cases of false positives.
The large number of apps for integration with third-party tools helps to further improve intelligence and visibility of the environment with a single, centralized console.
QRadar is certainly an essential tool for having a secure corporation.
What do you dislike about the product?
I think there should be some additional conditions for creating an alert; for example, the "OR" and "THEN" conditions would certainly help for use in specific rules.
I also believe there should be improvements to the creation and export of reports directly from the Console.
What problems is the product solving and how is that benefiting you?
Its ability to provide great visibility and correlation helps the Information Security team carry out searches and respond quickly to an incident, helping the organization stay secure and keep events traceable.
Honest review of an awesome SIEM solution.
What do you like best about the product?
I love the fact that QRadar is vendor agnostic. You can literally pull data from any data source and have QRadar ingest, correlate and then graphically present whatever you're trying to report or monitor.
What do you dislike about the product?
Not much not to like. You can do so much. Actually sometimes too much and you get lost in all its features. But that's not really a negative. I would just like to see better plugin management, to try and prevent the above scenario.
What problems is the product solving and how is that benefiting you?
QRadar makes it possible for us to ingest data from multiple sources, sometimes hundreds or thousands, and then easily build a report that is easily understandable.
Makes reporting a lot easier.
Qradar review
What do you like best about the product?
It supports all log source types and has a multi-tenant function. It supports nearly 450 types of device support module, supports cloud infrastructure logs, easily integrates most log sources without any agent, and provides IBM exchange to increase the functionality of the SIEM.
What do you dislike about the product?
It's costly compared to other SIEM tools.
Need some proper videos for integrating some of the log sources.
Need a license for some of the additional components, which will add some additional cost.
What problems is the product solving and how is that benefiting you?
It helps us see all the log sources in a single console. It has the functionality to handle multiple clients at the same time by creating different domains. It supports nearly all kinds of log sources. It has functionality to increase the license as per our requirements. It supports threat intel platforms that help us to update according to the environment.
Review of IBM QRadar SIEM
What do you like best about the product?
What I like best about IBM Security QRadar SIEM is that central log management is very effective, but the assimilation of the data and ability to make the data actionable is somewhat lacking, as alerting and actual monitoring do not have all of the features and customization required to be an actual SIEM.
What do you dislike about the product?
OEM support is really poor; there is no default parser for the Oracle 19C which got released in 2021. No proper SLA is being followed for support cases raised. Also, it has some issues with historical investigation.
What problems is the product solving and how is that benefiting you?
It follows a proactive approach to find threats before they get severe and remove them with the help of analysis of the offenses. That provides deep visibility into the logs and flows to see what is happening in the infrastructure.
QRadar is easy to use.
What do you like best about the product?
Integration of log sources is very simple as compared to other SIEMs.
What do you dislike about the product?
Reporting features of QRadar are not very good as compared to other SIEM solutions. Other SIEM solutions provide very good formats for reporting.
What problems is the product solving and how is that benefiting you?
Analyzing the network behaviour by analyzing the payloads. Identify web attacks, malicious IPs, etc.
Product is largely distributed and very flexible
What do you like best about the product?
Customization and network visualization are exceptional; it uses strong analytical techniques like user behaviour and machine learning analytics for log analysis.
What do you dislike about the product?
Technological enhancements can be done like extending APIs for detection component management and log collection from S3 buckets or any software installation, Data source or log source configuration can also be enhanced via API support.
What problems is the product solving and how is that benefiting you?
Network visualization and network-level troubleshooting in verifying interface-level configurations help in forensics, and the past logs help in retrospective log analysis.
QRadar Needs Improvement
What do you like best about the product?
Central log management is very effective, but the assimilation of the data and ability to make the data actionable is somewhat lacking as alerting and actual monitoring does not have all of the features and customizations required to be an actual SIEM.
What do you dislike about the product?
Central log management is very effective, but the assimilation of the data and ability to make the data actionable is somewhat lacking as alerting and actual monitoring does not have all of the features and customizations required to be an actual SIEM. Better alerting and monitoring with the ability to customize reporting and alerting specifically tailored to an organization is not implicitly available with QRadar. The user interface is somewhat clunky and needs to have better enhancements to compete with other SIEM solutions.
What problems is the product solving and how is that benefiting you?
Centralized log management for monitoring and alerting. While QRadar when it was independent prior to the acquisition by IBM was ahead of its competitors, it seems that the enhancements and features that were supposed to be implemented and developed got lost in the acquisition. Rather than logs displaced in multiple data stores, QRadar does a great job of centrally maintaining all of the logs.
Very Helpful SIEM Tool
What do you like best about the product?
Once you have configured it as per the organization's requirements, then using QRadar you can analyze all the application data which is coming in and going out, and all the actions performed on the different applications/OSes.
What do you dislike about the product?
I don't have any specific point which I can call a dislike, but if you did not configure this tool as per your requirements then unnecessary alerts will come, which they call false positives.
What problems is the product solving and how is that benefiting you?
With QRadar we can monitor the complete ecosystem of any organization, which helps to maintain security and compliance. It gives you all kinds of reports which control the data flowing through the complete network between the applications/OS/users.
Good Cybersecurity Tool
What do you like best about the product?
Once configured with appropriate rules and configuration as per our requirements, QRadar is one of the best tools, which will give each and every important information/incident/report from your whole environment.
What do you dislike about the product?
I don't find much problem in QRadar; it's one of the popular tools in SIEM technology. But if you have not configured it properly then it will give many false positives, which will make your life difficult.
What problems is the product solving and how is that benefiting you?
QRadar gives appropriate alerts and reports to monitor the complete environment, which will make a cybersecurity person's life easy. You will get a full view of information moving across the complete networks of all the applications, along with the actions: who/why/whom etc.
IBM Security QRadar SIEM
What do you like best about the product?
IBM Security QRadar SIEM is very helpful for searching incidents, and its dashboard shows all the events and incidents. Our whole team likes IBM Security QRadar SIEM.
What do you dislike about the product?
There is nothing to dislike in IBM Security QRadar SIEM; our team always likes IBM Security QRadar SIEM.
What problems is the product solving and how is that benefiting you?
To give free training to all, because if people train in it, more jobs will be created.