IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
It have very user friendly interface.
What do you like best about the product?
Its log activity tab which is for search
What do you dislike about the product?
It's little bit slow while we add a long search.
What problems is the product solving and how is that benefiting you?
incident response which allow analys to escalate
- Leave a Comment |
- Mark review as helpful
Provide good visibility to your network incidents, SIEM cases, network flows.
What do you like best about the product?
The best thing I like about QRadar is its perfect integration with SOAR Resilient to have automated response/action. If you have good rules and a playbook, it will make your life a lot easier.
What do you dislike about the product?
What I dislike about QRadar is not keeping pace with the new technologies/features that are now available in the market. Solutions like Elastic stack gave users a whole new level of options to play with and modify.
What problems is the product solving and how is that benefiting you?
On an enterprise level, QRadar SIEM with Resilient is reducing the workload by automating different types of use cases that previously need human intervention every time a case is triggered.
Recommendations to others considering the product:
It is always a good SIEM tool but the cost is the factor here.
Its ease of use
What do you like best about the product?
All round security , application console
What do you dislike about the product?
Nothing as such.Its jst easy for everyone
What problems is the product solving and how is that benefiting you?
We are using Qradar SIEM for Monitioring and analysing security threat.Its shows much accurate results and help us in defending threats
IBM Security QRadar is very friendly to Analysis
What do you like best about the product?
IBM Security QRadar is very friendly and it's a great use to our organization for Analysis of our security postures and it's very fast and analysis friendly as compared to other SIEM
What do you dislike about the product?
There are very few Dislikes but one thing that i would like to point out is that we should have more integration of this with other tools i.e more interoperability
What problems is the product solving and how is that benefiting you?
It's showings as the Gap and Loopholes in our current environment and help us to resolve them on time with proper incident response and planning and well coorealted with Security frameworks.
Qradar Easy to use
What do you like best about the product?
Easy to use, very helpful for Security Monitoring and Investigations with single dashboard including many plugins dashboard, such as fortigate dashboard plugins.
What do you dislike about the product?
On latest version, everytime to view log source list Qradar pop up to open mew tabs, i hope its can stay on single tab back again like oldest version. Soon SOAR is can be bundle on Qradar.
What problems is the product solving and how is that benefiting you?
Ticket respond from support is always satisfied, because every cases can be solved by remote session, this is amazing since another SIEM tools need subscription to solve problem with their Proffesional Support team.
Recommendations to others considering the product:
Stay on single dashboard, no need to open new tab when click something.
For OWASP security standard it is excellent tool to use of SIEM
What do you like best about the product?
By using it's to handling best security practice and it's event management. Also, incidence handling by to OWASP standards in our application is highly provided by us.
What do you dislike about the product?
Overall need to upgrade it every month to newly genrated events that may use daily in our applications and infrastructure to possible new genrated to get dffrent type of event handling.
What problems is the product solving and how is that benefiting you?
For better security and business contueneous improvement we have best practicess following by using it. As compare to other SIEM tool it is fast forword to grow up.
SIEM IBM QRadar Review
What do you like best about the product?
QRadar Provides user friendly interface with easy searching method and returning the search results in both logs & Graphical view for better anlaysis. It provides distributed and standalone architecture and easy to deploy in any scale of orgnization. Also, it supports large set of device source types.
What do you dislike about the product?
My observation is QRadar is bit weak in Parsing many of the supported devices running on latest version which could cause issues in correlation of events and reporting.
What problems is the product solving and how is that benefiting you?
QRadar takes input from various sources like logs from devices, packets from TAPs, flows from Firewall/switches, Endpoint data from Sysmon/EDR providing complete visibility over organization network and uncovering blind spots. Can correlate both logs/flows together to drill down to the source of the incident.
Its overall a good tool for SIEM
What do you like best about the product?
Easy to use queries, efficient ways to import logs from multiple sources, in-depth analysis of the log data.
What do you dislike about the product?
It is little complicated for beginners and threat analysis could be simplified.
What problems is the product solving and how is that benefiting you?
It helps to solve the threats faced by the organisation by detecting them in real time.
Qradar review
What do you like best about the product?
I liked the most is speed and correlation engine and analytical capability.
What do you dislike about the product?
It's bit slower when we access the historical data like 1 year past or 6 month , it should be fast enough.
What problems is the product solving and how is that benefiting you?
It is great helpful for us to monitor the security incident and event across all devices in our company network.
It solved the problem of loggin into each devices to check logs.
It solved the problem of loggin into each devices to check logs.
It is swift and new features make it very obvious choise .
What do you like best about the product?
Mitre integration, faster log fetching .
What do you dislike about the product?
We can't search offense by keeping multiple domain together.
What problems is the product solving and how is that benefiting you?
In comparision to Arcsight it is faster and smooth while fetching logs for advisories.
showing 81 - 90