IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
IBM Qradar Review
What do you like best about the product?
It provides an excellent UI where we can do a lot of things related to analysis and administration along with CLI and AQL query language.
Other SIEM tools are completely based on query languages which makes it difficult to quickly onboard new team members.
Other SIEM tools are completely based on query languages which makes it difficult to quickly onboard new team members.
What do you dislike about the product?
QRadar has some performance issues related to slowness of UI and query processing. It's query processing engine is not as powerful as other SIEM tools like Splunk.
What problems is the product solving and how is that benefiting you?
IBM QRadar is a SIEM tools where we can ingest logs from different security and non security tools and write query to fetch insights also we can create detection rules for proactive detection of cyber malicious activities.
- Leave a Comment |
- Mark review as helpful
Very powerfull tools if configured in a correct way
What do you like best about the product?
How easy you can perform query and perform searches. Easy to creat use case and there is a lot of built in use case. Very powerfull user analytics.
What do you dislike about the product?
Some aql query cannot be shared betwwn users
What problems is the product solving and how is that benefiting you?
I perform incident forensic with qradar because it contains network/ operating system and all other security tools which can be corroletade
Recommendation
What do you like best about the product?
Qradar tools and all the applications provide us with complete information events log details to provide complete security to the environment.
What do you dislike about the product?
nothing else they support us well. they just needed to focus on their updates.
What problems is the product solving and how is that benefiting you?
at any problem, they provide us with great solutions.
Recommendations to others considering the product:
best for SIEM purpose.
Recommend
What do you like best about the product?
User friendly easy to handle. Cost effective. Very intelligent. It is so smart to handle logs and make work load easy.
What do you dislike about the product?
Some things so little bit complicated. If the cost will less then every company can efford the cost like security devices
What problems is the product solving and how is that benefiting you?
Monitoring logs and admin part of qradar like managing devices user etc.
Pro active approach
Pro active approach
Recommendations to others considering the product:
Yes
IBM Security QRadar is one of the best SIEM solutions, owing to its smooth performance.
What do you like best about the product?
Friendly UI.
Rapid Support.
Smooth Performance.
Rapid Support.
Smooth Performance.
What do you dislike about the product?
Graphical Representation should be made more interactive.
What problems is the product solving and how is that benefiting you?
The SIEM solution helps in correlation of security events in an efficient way and helpful in mitigating the risks.
QRadar expensive but worth it
What do you like best about the product?
All the features provided which are missing in ELK like freewares
What do you dislike about the product?
High price. IBM Qradar is an expensive licence to have.
What problems is the product solving and how is that benefiting you?
IBM Qradar helps in all SOC and SIEM related issues and alerts are well configured.
One of the Leading Siem Tool
What do you like best about the product?
Analyst part, Apps, Integratigration, User case, DashBoard, Reporting
What do you dislike about the product?
User interface, work on the complex use case system.
What problems is the product solving and how is that benefiting you?
Integration, frequently disk utilization
Recommendations to others considering the product:
Yes
superior SoC capabilities along with threat hunting
What do you like best about the product?
Integration with third party security solutions for better security posture
What do you dislike about the product?
Parcing of logs from custom Solution with AI and ML capabilities
What problems is the product solving and how is that benefiting you?
Automation, visibility and control
Recommendations to others considering the product:
NA
Reliable
What do you like best about the product?
its network devices, host assets and operating systems
What do you dislike about the product?
vulnerabilities and user activities and behaviours
What problems is the product solving and how is that benefiting you?
Cloud solution
IBM QRadar - Designing, Deploying and day 2 day operations.
What do you like best about the product?
IBM QRadar is a pretty decent tool in my view, it is quick and easy to install, has a simple architecture, easy to ingest logs, console/dashboard is simple and comprehensive, has good out-of-the-box integration capabilities.
What do you dislike about the product?
Based on our experience some of the issues we encountored were integration capabilities with custom, less known or homegrown applications. Other area's when compared to next generation SIEM's - inhernt capabilities and advantages of data lake, data management, SOAR platform benefits and reporting and searching capabilities are basic and limited. Cost of ownership is also on higher side which i belive can be simplified, at times it is difficult to get right support from OEM.
What problems is the product solving and how is that benefiting you?
QRadar is our single source to ingest important security audit logs from our estate, helps us do log correlation, perform key analysis on security incident management, address compliance local and international compliance requirements.
showing 141 - 150