IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Greater visibility of your network
What do you like best about the product?
It can be integrate with most of the devices ( Routers, Servers, DB Servers, Critical Devices, Critical Applications etc.,), Its highly scalable and gives greater visibility also good in event management.
What do you dislike about the product?
It's much complicated in implementation and usage
What problems is the product solving and how is that benefiting you?
With the help of Qradar proactively control the security events in our organization
Recommendations to others considering the product:
Do prepare the use cases and do a proof of concept at least a month then take a right decision
- Leave a Comment |
- Mark review as helpful
I recommend IBM, since it is easy to use interface and easy to search
What do you like best about the product?
The interface is very straight forward and live events is easy to read
What do you dislike about the product?
creating correlation rule inside the interface is not easy
What problems is the product solving and how is that benefiting you?
Security incidents
Recommendations to others considering the product:
Make sure to understand the architecture of IBM before implementing it
Recommended one for SOC.
What do you like best about the product?
Customisation as per requirement and details of information in events and logs.
What do you dislike about the product?
I think technical support could have been better.
What problems is the product solving and how is that benefiting you?
Monitoring the logs of devices and fine tuning those devices with best practices.
Excellent product that works using infrastructure logs
What do you like best about the product?
Dashboards give good insights to management and technical workers. Event monitoring improves if the logs provided to qradar are specific.
What do you dislike about the product?
Unable to expand storage easily using lvm.
What problems is the product solving and how is that benefiting you?
Infrastructure security, threat intelligence, management reports on security of infrastructure.
Recommendations to others considering the product:
It's a really nice product, specially when you use threat intelligence component and Watson analyzer
Security logs
What do you like best about the product?
Ingest vast amounts of data from on-prem and cloud sources.
Applies built-in analytics to accurately detect threats.
Correlate related activities to prioritize incidents.
Automatically parses and normalizes logs.
Threat intelligence and support for STIX/TAXII.
Applies built-in analytics to accurately detect threats.
Correlate related activities to prioritize incidents.
Automatically parses and normalizes logs.
Threat intelligence and support for STIX/TAXII.
What do you dislike about the product?
You can send a denial of service. The Linux kernel used by QRadar is vulnerable to a denial of service due to an error in functionality.
What problems is the product solving and how is that benefiting you?
Use of analytics to eliminate threats .
Analyze the offenses .
Analyze the offenses .
Qradar is a best tool if you are looking for SIEM solutions. It's great tool for threat hunting.
What do you like best about the product?
It's great tool for threat hunting & log analysis
What do you dislike about the product?
It's complex somewhat , difficult to analyse the logs.
What problems is the product solving and how is that benefiting you?
We use for log reporting & Analysis
the platform is friendly and robust and It has many advantages to be exploited to the fullest
What do you like best about the product?
the platform is friendly and robust and It has many advantages to be exploited to the fullest, which are of great help in detecting vulnerabilities and threats.
What do you dislike about the product?
la sección de reenvío de eventos no está muy bien definida y desarrollada ya que he tenido inconvenientes al tratar de realizar el reenvío hacia otro siem por decisión del cliente.
What problems is the product solving and how is that benefiting you?
collection of general team events, rules for detecting threats, the benefits is that the platform already includes several rules that are highly supportive.
QRadar feedback
What do you like best about the product?
vendor direct integration
2FA support for login
2FA support for login
What do you dislike about the product?
threat intelligence need more improvement
What problems is the product solving and how is that benefiting you?
better visibility
Number 1 Recommendation for Monitoring
What do you like best about the product?
1. The Console is very User Friendly like any new user can use it with ease.
2. IBM Qradar Team provide the Communtity Edition for newbie for learning without expiration which is on of the best service.
2. IBM Qradar Team provide the Communtity Edition for newbie for learning without expiration which is on of the best service.
What do you dislike about the product?
IBM Qradar supports is not up to the mark most of the time if we raise ticket. It takes long to get resolve our problem.
What problems is the product solving and how is that benefiting you?
Reduce Threats, Real time monitoring, Compliance
A good tool with easy deployment and configuration.
What do you like best about the product?
Visibility achieved through SIEM solution
What do you dislike about the product?
Applications integration which is not easy.
What problems is the product solving and how is that benefiting you?
Integration of all security assets on one console
showing 201 - 210