IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL) | Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Experience with IBM Security QRadar SIEM
What do you like best about the product?
It is a great tool which can be used for threat monitoring, detection and response. It is user friendly.
What do you dislike about the product?
The tool's reporting and cost could be better for small or mid-size companies.
What problems is the product solving and how is that benefiting you?
Gives better visibility of security alerts across different platforms
Powerful and flexible SIEM tool
What do you like best about the product?
IBM Security QRadar SIEM has helped the organization with visibility and protection thanks to its incredible event correlation function and its ability to integrate with other tools.
The ability to receive large quantities of events simultaneously and correlate all the logs, turning them into alerts, has helped with creating offenses for later analysis by the SOC team and handling of the alert.
It is an extremely intuitive tool with great flexibility for creating alerts. It is also simple to make adjustments to create exceptions in cases of false positives.
The large number of apps for integrating with third-party tools helps to further improve the intelligence and visibility of the environment with a single, centralized console.
QRadar is certainly an essential tool for having a secure corporation.
What do you dislike about the product?
I think there should be some additional conditions for creating an alert; for example, the “OR” and “THEN” conditions would certainly help for use in specific rules.
I also believe there should be improvements to creating and exporting reports directly from the Console.
What problems is the product solving and how is that benefiting you?
Its ability to provide great visibility and correlation helps the Information Security team carry out searches and respond quickly to an incident, helping the organization stay secure and have traceability of events.
Honest review of an awesome SIEM solution.
What do you like best about the product?
I love the fact that QRadar is vendor agnostic. You can literally pull data from any data source and have QRadar ingest, correlate and then graphically present whatever you're trying to report or monitor.
What do you dislike about the product?
Not much not to like. You can do so much. Actually sometimes too much and you get lost in all its features. But that's not really a negative. I would just like to see better plugin management, to try and prevent the above scenario.
What problems is the product solving and how is that benefiting you?
QRadar makes it possible for us to ingest data from multiple sources, sometimes hundreds or thousands, and then easily build a report that is easily understandable.
Makes reporting a lot easier.
Best SIEM for our network needs!
What do you like best about the product?
IBM Security QRadar SIEM is very easy to configure. When this product was first demonstrated to us, we easily understood how it works and how it can help us in our network. All events and incidents are easy to analyze because of this tool.
What do you dislike about the product?
Right now, we are still trying to enjoy this product and we haven't found anything to dislike yet. Just make sure to properly fine tune this SIEM and make sure all devices that forward logs have sufficient value.
What problems is the product solving and how is that benefiting you?
With IBM Security QRadar SIEM, we can easily identify events and findings in our network. We can easily detect if there are threats and because of this, we can mitigate all or most of them in a short period of time.
Qradar review
What do you like best about the product?
It supports all log source types and has a multi-tenant function. It supports nearly 450 types of device support modules, supports cloud infrastructure logs, easily integrates most log sources without any agent, and provides IBM exchange to increase the functionality of the SIEM.
What do you dislike about the product?
It's costly compared to other SIEM tools.
Need some proper videos for integrating some of the log sources.
Need a license for some of the additional components, which will add some additional cost.
What problems is the product solving and how is that benefiting you?
It helps us see all the log sources in a single console. It has the functionality to handle multiple clients at the same time by creating different domains. It supports nearly all kinds of log sources. It has functionality to increase the license as per our requirements. It supports threat intel platforms that help us to update according to the environment.
Review of IBM QRadar SIEM
What do you like best about the product?
What I like best about IBM Security QRadar SIEM is that central log management is very effective, but the assimilation of the data and the ability to make the data actionable are somewhat lacking, as alerting and actual monitoring do not have all of the features and customization required to be an actual SIEM.
What do you dislike about the product?
OEM support is really poor; there is no default parser for the Oracle 19C which got released in 2021. No proper SLA is being followed for support cases raised. Also, it has some issues with historical investigation.
What problems is the product solving and how is that benefiting you?
It follows a proactive approach, helping to find threats before they get severe and remove them with the help of analysis of the offenses. That provides deep visibility into the logs and flows to understand what is happening in the infrastructure.
QRadar is easy to use.
What do you like best about the product?
Integration of log sources is very simple as compared to other SIEMs.
What do you dislike about the product?
Reporting features of QRadar are not very good as compared to other SIEM solutions. Other SIEM solutions provide very good formats for reporting.
What problems is the product solving and how is that benefiting you?
Analyzing the network behaviour by analyzing the payloads. Identify web attacks, malicious IPs, etc.
Product is largely distributed and very flexible
What do you like best about the product?
Customization and network visualization are exceptional; it uses strong analytical techniques like user behaviour and machine learning analytics for log analysis.
What do you dislike about the product?
Technological enhancements can be done, like extending APIs for detection component management and log collection from S3 buckets or any software installation. Data source or log source configuration can also be enhanced via API support.
What problems is the product solving and how is that benefiting you?
Network visualization and network-level troubleshooting in verifying interface-level configurations help in forensics, and the past logs help in retrospective log analysis.
IBM Security QRadar SIEM
What do you like best about the product?
IBM Security QRadar SIEM is very helpful for searching incidents, and its dashboard shows all the events and incidents. Our whole team likes IBM Security QRadar SIEM.
What do you dislike about the product?
There is nothing to dislike in IBM Security QRadar SIEM; our team always likes IBM Security QRadar SIEM.
What problems is the product solving and how is that benefiting you?
To give free training to all, because if people are trained there will be more jobs created.
Qradar review
What do you like best about the product?
I have been using QRadar since February 2022. It is a great tool to use, and the thing I like the most about QRadar is the coalescing and group-by functionality.
What do you dislike about the product?
The interface is quite messy; the dashboards need to improve as well.
What problems is the product solving and how is that benefiting you?
I think the coalescing function helps me a lot in incident response.