IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Collect and parsing log
What do you like best about the product?
We use IBM Qradar to collect log for our customer, log have different server, computer , switch, firewall ecc and in this way we have one Siem that help us to collect and extend data retention of customer log, create different use case and generate offense for malicious activity
What do you dislike about the product?
the cost of this solution is more expensive compare with competitor
What problems is the product solving and how is that benefiting you?
Collect all type of log and for our customer that have different system is the best solution
- Leave a Comment |
- Mark review as helpful
QRadar the best SIEM
What do you like best about the product?
The scalability of the platform allows seamless integration with different products, enabling efficient correlation of events from different log sources.
What do you dislike about the product?
Initial implementation and customisation can be challenging and require significant time and expertise to adapt the system to the specific needs of the organisation.
What problems is the product solving and how is that benefiting you?
By analysing large amounts of data in near real time, QRadar identifies both known and unknown threats.
QRadar's Strengths: Impact of Intuitive Interface and Easy Integration
What do you like best about the product?
One of Qradar's strenghts is certainly the intuitive user interface, which can help less experienced users move more easily within SIEM pages. One other good thing is the scalability and easy integration with most of the products on the market, which is critical for correlating events from different log source types.
What do you dislike about the product?
The main problem encountered in 5 years of product is the the technical support received from IBM in case of major problems. Working in cyber security, I believe that response times are a fundamental point, in a world where even a few minutes can make the difference
What problems is the product solving and how is that benefiting you?
Working in a Cyber Security Operating Center with IBM QRadar Siem i can monitoring a lot of different types of host oncustomer's infrastrcuture.
QRadar- an ideal SIEM solution
What do you like best about the product?
The features like advanced threat detection, user friendly UI, scalability, AI powered automation etc. are good offerings from QRadar. And I like these features.
What do you dislike about the product?
I found some difficulties in the initial setup , customization limitation, delayed response time when load is high. If the organization size is small, then cost to acquire QRadar license can be high which makes it inaccesible.
What problems is the product solving and how is that benefiting you?
IBM Security QRadar SIEM is solving log management, risk management, incident response, threat detection etc. And prevention is better than cure. It is good to remain alerted before threat agent could do any harm.
IBM Qradar review
What do you like best about the product?
It helps into deep packet inspection to identify threat as well correlate the data for analysis and threat hunting.
What do you dislike about the product?
Cannot handle large data sets requires and ELK for data injections, memory intensive which increases the chances of instability, the latest version doesn't have a gpt kind of functions which helps adminstrator run simple query to get output as not every one can learn the query language
What problems is the product solving and how is that benefiting you?
Qradar help provide a good siem function which strengthen our society team in deep packet analysis to identify threats and help mitigate via incident response.
Intuitive after prolonged use
What do you like best about the product?
It has several options and the API ends up being very interesting to use for those who understand the subject.
It ends up being easy to implement using the documentation presented.
It ends up being easy to implement using the documentation presented.
What do you dislike about the product?
Several tabs are opened when viewing an event, something that was supposed to be simple ends up getting in the way.
What problems is the product solving and how is that benefiting you?
Making the environment we use safe
Siem since the implementation and exploitation of the application
What do you like best about the product?
easy deployment and integration with your collectors
What do you dislike about the product?
When integrating equipment that is not natively registered, parcing is cumbersome.
What problems is the product solving and how is that benefiting you?
Critical equipment alerts and active monitoring, benefiting possible attacks or vulnerabilities to the monitored systems
Qradar - A Complete SIEM Platform
What do you like best about the product?
Qradar is easy to handle tool. Qradar provides a good log or flow search experience. It is easy to handle the offenses as correlation works great and we are able to see any previous offense from the same attacker.
What do you dislike about the product?
There is only one thing which I dislike about Qradar is its dashboard experience. Qradar has very old fashioned dashboard. They added pulse for better dashboards but they discontinued it.
What problems is the product solving and how is that benefiting you?
Qradar is a complete SIEM tool platform which provides great correlation of the events so that we can get concrete offenses rather than false positives. Multiple search filters allow us to get data more accurately and precisely. Using its UEBA we can generate offenses related to user or behaviour anomalies.
Best SIEM tool I've worked with for complex environments
What do you like best about the product?
- AQL language have the same syntax as SQL, making it easy and fast to create fine grained searches;
- AQL also makes it easy to create Dashboards, really helpful to our clients;
- Rule creation is easy enough to understand and implement;
- Integration with IBM X-Force is fundamental to our operation;
- New UI's visual builder makes it super easy to search for events and flows;
- Easy to setup multiple domains for everyday use in multiple environments;
- IBM's employees provide great support;
- AQL also makes it easy to create Dashboards, really helpful to our clients;
- Rule creation is easy enough to understand and implement;
- Integration with IBM X-Force is fundamental to our operation;
- New UI's visual builder makes it super easy to search for events and flows;
- Easy to setup multiple domains for everyday use in multiple environments;
- IBM's employees provide great support;
What do you dislike about the product?
- New UI (QRadar UI (v2.32.0)) have less features than the old one, we can't search for offenses as easily: we can't search for offenses that started in an specific date, only predefined timeranges (hour, 12h, 7d, 30d etc);
- Pulse only allows to edit a dashboard if you're the one who created it. All admins should be allowed to edit them;
- We can't create notes on an offense from the new UI, notes are really helpful;
- Report building is terrible, clumsy and slow, and not a lot of customization;
- Pulse only allows to edit a dashboard if you're the one who created it. All admins should be allowed to edit them;
- We can't create notes on an offense from the new UI, notes are really helpful;
- Report building is terrible, clumsy and slow, and not a lot of customization;
What problems is the product solving and how is that benefiting you?
QRadar was our SIEM choice for it's leading position in the industry, it's easy to setup new Log Sources and it's documentation is a great resourse, although sometimes difficult to find (like API and AQL docs). We're using it to sell our SOC as a Service solution and all clients are satisfied with the tool.
Qradar Working experience in corporate
What do you like best about the product?
Dashbord and Layout for understanding for anynon tech user.
What do you dislike about the product?
No same time when the networking traffic is incress that time This tools is not working proparly.
What problems is the product solving and how is that benefiting you?
When we identifying our cloud networking and security that time qradar is helping to in our organization for incressing our detection.
showing 1 - 10