
IBM Security QRadar SIEM v7.4.3 (BYOL)

Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star: 0
  • 4 star: 0
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0

External reviews

339 reviews from G2

External reviews are not included in the AWS star rating for the product.


    Mohammad K.

One of the best SIEM tools

  • July 06, 2022
  • Review provided by G2

What do you like best about the product?
QRadar is one of the great tools for SIEM if you want to monitor real-time logs and also prevent any cyber attacks. Their customer service is great in the industry; if you want to upgrade QRadar to the latest version and you get stuck in between, you can connect with their team and they will help you do that.
What do you dislike about the product?
None. Everything is perfect from my point of view.
What problems is the product solving and how is that benefiting you?
Cyber attacks, helping to do threat hunting activity, real-time monitoring, true positive and false positive.


    Banking

An SIEM with great UI, more flexible log management and explicit security use case creation process.

  • July 06, 2022
  • Review provided by G2

What do you like best about the product?
- I have worked on various SIEM technologies. IBM QRadar is one of them. One thing I liked the most about it is that it has a great UI, which makes it very easy to understand all functionalities.

- IBM QRadar supports multiple types of log sources and devices that give us flexibility in integrating all kinds of necessary logs.

- It has a very easy way to manage and process Threat Intelligence.

- OEM support is great.

- Great features such as UBA and Operations App for monitoring suspicious user activities and their impact on the system, Threat Intelligence App for fetching TI feeds, Use Case Manager app to optimally configure rules for enhancing the detection mechanism, and MITRE ATT&CK mapping.
What do you dislike about the product?
- Many times the search queries fail while fetching logs, even for one week. Then we need to fetch logs by segregating the search into 3 days each. That takes more time.

- Faced data parsing issues sometimes.
What problems is the product solving and how is that benefiting you?
- QRadar with SOAR integration automates many incident response processes such as Phishing Email investigation, Blocking of IOCs, and Responding to common malware alerts. This has helped to reduce the overall workload.
Recommendations to others considering the product:
- Overall, IBM QRadar is a very well-organized platform and the support from the OEM is great. This tool will always be my first recommendation for any kind of small to large security operations centre management.


    Ragunathan M.

QRadar SIEM Service Delivery Manager

  • July 05, 2022
  • Review provided by G2

What do you like best about the product?
Content Management, Administration, Reporting, Quality & Incident Management
What do you dislike about the product?
Threat Intelligence Feeds Clean Up, Upgradation Period
What problems is the product solving and how is that benefiting you?
Multi-Tenanting & Ease of Use & Dashboards


    Semiconductors

14 years of IT experience

  • July 05, 2022
  • Review provided by G2

What do you like best about the product?
Easy to set up and scalable
Faster results
Good price compared to other tools like Splunk
What do you dislike about the product?
Lacks some features in SAP monitoring
High cost of AI and ML features
Can be improved more in terms of securing and integrity
What problems is the product solving and how is that benefiting you?
We use QRadar to collect logs and monitor user activity and traffic from one site to another. The SOC team monitors the traffic from the logs. All internet activity and the output of every device is configured to send a log to QRadar. We can view live internet traffic and all other network traffic.
Recommendations to others considering the product:
It is the best tool in terms of cost and easy to set up.


    Md. Mehedy H.

This is a very good product. Users can rely on it without worrying.

  • July 04, 2022
  • Review provided by G2

What do you like best about the product?
The hardware is excellent. Performance is smooth.
What do you dislike about the product?
I have nothing to mention about this. I have not found any negatives with the solution.
What problems is the product solving and how is that benefiting you?
The possibility of losing data is close to zero. Data is safe here.
Recommendations to others considering the product:
You can rely on IBM Security QRadar.


    Mohammad Sharukh k.

SIEM solution at a reasonable cost

  • July 01, 2022
  • Review verified by G2

What do you like best about the product?
1) Good GUI interface
2) Creating rules/security use cases/alerts is very easy since we only need to select appropriate conditions through a drop-down
3) QRadar comes at a reasonable cost
4) It works at a very optimum level in the case of an MSSP environment
What do you dislike about the product?
1) Dashboard creation is very difficult
2) It needs expertise to handle QRadar during upgrades
What problems is the product solving and how is that benefiting you?
It is solving the monitoring of cyber security for any client environment.
It's one of the finest tools, with advanced capabilities like threat intelligence integration, integration with SOAR tools, performing detailed analysis of the logs, and a small-level inbuilt ticketing system to assign and work on offenses.


    Computer & Network Security

It has a very user-friendly interface.

  • June 30, 2022
  • Review provided by G2

What do you like best about the product?
Its Log Activity tab, which is for search
What do you dislike about the product?
It's a little bit slow when we add a long search.
What problems is the product solving and how is that benefiting you?
Incident response, which allows analysts to escalate


    Atish K.

Provides good visibility to your network incidents, SIEM cases, network flows.

  • June 29, 2022
  • Review provided by G2

What do you like best about the product?
The best thing I like about QRadar is its perfect integration with SOAR Resilient to have automated response/action. If you have good rules and a playbook, it will make your life a lot easier.
What do you dislike about the product?
What I dislike about QRadar is not keeping pace with the new technologies/features that are now available in the market. Solutions like Elastic stack gave users a whole new level of options to play with and modify.
What problems is the product solving and how is that benefiting you?
On an enterprise level, QRadar SIEM with Resilient is reducing the workload by automating different types of use cases that previously needed human intervention every time a case was triggered.
Recommendations to others considering the product:
It is always a good SIEM tool but the cost is the factor here.


    Mayank A.

Its ease of use

  • June 29, 2022
  • Review provided by G2

What do you like best about the product?
All-round security, application console
What do you dislike about the product?
Nothing as such. It's just easy for everyone.
What problems is the product solving and how is that benefiting you?
We are using QRadar SIEM for monitoring and analysing security threats. It shows very accurate results and helps us in defending against threats.


    VIKAS P.

IBM Security QRadar is very friendly for analysis

  • June 28, 2022
  • Review provided by G2

What do you like best about the product?
IBM Security QRadar is very friendly and it's of great use to our organization for analysis of our security posture. It's very fast and analysis-friendly compared to other SIEMs.
What do you dislike about the product?
There are very few dislikes, but one thing that I would like to point out is that we should have more integration of this with other tools, i.e., more interoperability.
What problems is the product solving and how is that benefiting you?
It shows us the gaps and loopholes in our current environment and helps us to resolve them on time with proper incident response and planning, and it is well correlated with security frameworks.