IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Best SIEM tool I've worked with for complex environments
What do you like best about the product?
- AQL language have the same syntax as SQL, making it easy and fast to create fine grained searches;
- AQL also makes it easy to create Dashboards, really helpful to our clients;
- Rule creation is easy enough to understand and implement;
- Integration with IBM X-Force is fundamental to our operation;
- New UI's visual builder makes it super easy to search for events and flows;
- Easy to setup multiple domains for everyday use in multiple environments;
- IBM's employees provide great support;
- AQL also makes it easy to create Dashboards, really helpful to our clients;
- Rule creation is easy enough to understand and implement;
- Integration with IBM X-Force is fundamental to our operation;
- New UI's visual builder makes it super easy to search for events and flows;
- Easy to setup multiple domains for everyday use in multiple environments;
- IBM's employees provide great support;
What do you dislike about the product?
- New UI (QRadar UI (v2.32.0)) have less features than the old one, we can't search for offenses as easily: we can't search for offenses that started in an specific date, only predefined timeranges (hour, 12h, 7d, 30d etc);
- Pulse only allows to edit a dashboard if you're the one who created it. All admins should be allowed to edit them;
- We can't create notes on an offense from the new UI, notes are really helpful;
- Report building is terrible, clumsy and slow, and not a lot of customization;
- Pulse only allows to edit a dashboard if you're the one who created it. All admins should be allowed to edit them;
- We can't create notes on an offense from the new UI, notes are really helpful;
- Report building is terrible, clumsy and slow, and not a lot of customization;
What problems is the product solving and how is that benefiting you?
QRadar was our SIEM choice for it's leading position in the industry, it's easy to setup new Log Sources and it's documentation is a great resourse, although sometimes difficult to find (like API and AQL docs). We're using it to sell our SOC as a Service solution and all clients are satisfied with the tool.
- Leave a Comment |
- Mark review as helpful
Qradar Working experience in corporate
What do you like best about the product?
Dashbord and Layout for understanding for anynon tech user.
What do you dislike about the product?
No same time when the networking traffic is incress that time This tools is not working proparly.
What problems is the product solving and how is that benefiting you?
When we identifying our cloud networking and security that time qradar is helping to in our organization for incressing our detection.
A must have SIEM tool - IBM Qradar
What do you like best about the product?
Qradar acts as a one stop solution to manage, correlate and investigate all the network, application events. The product makes it easy to remediate threats while maintaining the bottom line. IBM Qradar offers a vast insights of all the activities happening across our network. The tool also enables to identify the abnormalities in the user behaviour analytics. The eas of implementation and integration with other platforms is a feather in one's cap for Qradar.
What do you dislike about the product?
As a ardent customer of IBM Qradar for past five years, there is nothing to dislike about the product.
What problems is the product solving and how is that benefiting you?
The tool enables our organization to be more efficent in identifiying the abnormalities and act upon it before hand. IBM Qradar SIEM acts as a one place stop solution for our Security Operations team for everything right from monitoring to acting upon the offense.
perfect harmony
What do you like best about the product?
simple and professional.
its range is wide enough for all teams.
its range is wide enough for all teams.
What do you dislike about the product?
almost perfect,
there is no problem.wincollect operation is sometimes a problem
there is no problem.wincollect operation is sometimes a problem
What problems is the product solving and how is that benefiting you?
logs on servers and active network devices,
accurate events with advanced integrations.
accurate events with advanced integrations.
Facilidade de trabalhar com a ferramenta
What do you like best about the product?
Fcilidade de fazer integrações, documentação robusta.
What do you dislike about the product?
Gostaria de mais apps para integrações. Não gosto dos dashboards.
What problems is the product solving and how is that benefiting you?
Não tenho problemas com Qradar SIEM.
Best for Log Management
What do you like best about the product?
The log management is the best in class and the alerting anf notication features makes it much more userful. The API integration features makes easy of integrating Saas based applicatins.The daily use of the cusitimed user frienly dashboard is one of the best feature in the tool .
What do you dislike about the product?
Cost of increasing an EPS is higer and there is a need of manual maintainance such as log clearance.Event drops becaus of the over flow is one of the main dislike in Qradar
What problems is the product solving and how is that benefiting you?
Going forward as an organization lots of technologies have been implemented such as servers, firewalls, WAF, and end-user machines and there are many tools involved, even though every tool has its own dashboard as a security admin monitoring everything on a daily basis is complicated and by using Qradar each and very logs has been integrated and this is really helpful for our organization to monitor the overall events and by defining specific rule sets we are able to get notified during an abnormal behavior which is then revised and the necessary security measures have been taken.
Ótimo produto
What do you like best about the product?
praticidade muito facil de ultilizar e de analizar logs
What do you dislike about the product?
difucldade para encontrar certos tipos de informações quando ocorre erro ou bug
What problems is the product solving and how is that benefiting you?
Estão disponibilizando treinamentos e mais informações sobre o porduto
SIEM com muitas opções porém muito cru em outras partes
What do you like best about the product?
Entre as vantagens está na facilidade de criar regras, na implementação e no numero de opções para uso.
What do you dislike about the product?
Ele peca principalmente na parte do grafica por conta de algumas informações, acaba abrindo diversas abas e isso te faz ir de uma para outra para acabar pegando uma informação para conclusao do delito
What problems is the product solving and how is that benefiting you?
Responder a incidentes, administrar a rede e lidar com casos envolvendo conexões suspeitas.
Uma ótima ferramenta para eventos de segurança
What do you like best about the product?
Possui uma interface muito intuitiva e fornece relatórios que ajudam no esclarecimento
What do you dislike about the product?
O aprendizado é mais extenso por possuir muitas funcionalidades e em alguns momentos de instabilidade no uso
What problems is the product solving and how is that benefiting you?
Detecção de ameaças e tratamento desses eventos
Avaliação Qradar
What do you like best about the product?
Facilidade no gerenciamento e criação de regrar. Possibilita integração com varios apps
What do you dislike about the product?
Não tenho pontos negativos a ressaltar..
What problems is the product solving and how is that benefiting you?
Ajuda na identificação de ameaças relacionado a organização.
showing 1 - 10