
IBM Security QRadar SIEM v7.4.3 (BYOL)

IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)

Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star: 0
  • 4 star: 0
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0

External reviews

336 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Computer & Network Security

QRadar Review

  • November 28, 2023
  • Review provided by G2

What do you like best about the product?
Ease of managing and creating rules. Enables integration with various apps.
What do you dislike about the product?
I have no negative points to highlight.
What problems is the product solving and how is that benefiting you?
Helps identify threats related to the organization.


    Computer & Network Security

SOC Analyst

  • November 28, 2023
  • Review provided by G2

What do you like best about the product?
Helps with network flows, helps with incidents
What do you dislike about the product?
Interface; maybe the UI could be more intuitive
What problems is the product solving and how is that benefiting you?
UEBA for user analysis


    Jean S.

QRadar, boosting visibility and response against cyber threats.

  • November 27, 2023
  • Review verified by G2

What do you like best about the product?
The ease of integrating new log sources into QRadar SIEM is fascinating; its architecture for receiving a variety of log sources quickly and simply is incredible. With intuitive interfaces and step-by-step guides on the Forum we can install any type of log source, and the great majority already come with the events mapped and some parsers already built. If there is no parser, you just look for an extension on the Exchange. With that comes ease in creating use cases: if there is no option already described by IBM, you can use the AQL language to create one, so for every type of SIGMA you can make a rule.
IBM support can be used whenever necessary; whenever I have a problem I open a ticket and I get a reply quickly.
Deployment at customers is easy, not that fast, but for a SIEM the time has to be taken into account.
I use the tool every day, and I have used other SIEMs, and to everyone who asks me, I always say that QRadar is the best option, complete as a whole.
What do you dislike about the product?
I believe the disadvantage of using QRadar is the problem with buggy updates; sometimes IBM releases updates that make some Apps stop working, and that causes a problem.
Another important point is that the great majority of the more advanced things have to be done via CLI, but that is just one point.
Sometimes support does not respond with what we asked for, so you have to send it again for them to understand what you asked.
What problems is the product solving and how is that benefiting you?
QRadar SIEM helps us with real-time data analysis, allowing us to identify and respond to threats faster and more efficiently.
This allows an improvement in our SOC, so that detections of suspicious activity are forwarded with better understanding by them.


    Computer & Network Security

Immediate support and appropriate solutions

  • November 21, 2023
  • Review verified by G2

What do you like best about the product?
Apps that allow better use of the logs.
What do you dislike about the product?
Improve the reports. The graphical presentation and the flexibility are not good.
What problems is the product solving and how is that benefiting you?
Visibility of incidents through the logs.


    EMMANOEL A.

Useful for incident response

  • November 14, 2023
  • Review verified by G2

What do you like best about the product?
I like how easily searches can be done
Useful when I perform investigations
The implementation and upgrade are easy and customer support is very fast to help us when necessary
We use the SIEM IBM QRADAR every day to find new possibilities to bring new integrations with other systems
What do you dislike about the product?
I dislike the appearance, dashboard could be more modern =)
What problems is the product solving and how is that benefiting you?
IBM Security QRadar SIEM is helping us bring visibility from all log sources in our company.


    Retail

Very functional

  • November 14, 2023
  • Review verified by G2

What do you like best about the product?
The performance is very good, as it is a local appliance, it ends up having a gain compared to other players, very easy to create use cases and filtering with simple language.
What do you dislike about the product?
There aren't many intuitive dashboards, all views have to be built manually. Its interface doesn't help much, some discontinued items are not removed from the tool, only information appears that you must click elsewhere. There is a great demand to support the environment's infrastructure.
What problems is the product solving and how is that benefiting you?
This brings visibility to the environment, we use it as the basis for the SOC, the UBA user behavior analysis is very rich and helps a lot in security insights


    Vamsi K.

QRadar SIEM in short

  • November 03, 2023
  • Review provided by G2

What do you like best about the product?
Maintaining, availability, and scalability of the product
What do you dislike about the product?
I would like to see more of a query based search optimisation.
What problems is the product solving and how is that benefiting you?
Searching parameter fields can be much more properly organized and AQL should be much more user-friendly.


    Skye D.

QRadar is complex, but extremely capable.

  • October 27, 2023
  • Review provided by G2

What do you like best about the product?
The most helpful and important parts of QRadar have to be the integrations it supports.
Most major software solutions and log sources are easy to integrate using existing readily available modules.
It was good to be involved in the development of QRadar, and IBM was always receptive to feedback.
What do you dislike about the product?
The interface was very aged, but was being actively developed.
QRadar has been around for longer than other SIEMs, and it shows in both good ways and bad ways.
When compared to other SIEMs I am familiar with, QRadar was complex and not easy to understand without some training and experience.
However, the capabilities of the system balance this barrier to entry.
What problems is the product solving and how is that benefiting you?
It allows the consolidation of logs in the first instance, which by itself is invaluable for compliance purposes.
It goes further to allow the analysis of these logs, looking for anomalies and potential security threats.

Generally, this is the role of a SIEM, but QRadar does do an excellent job of this.


    Financial Services

In terms of SIEM, I consider this one of the best on the market.

  • October 18, 2023
  • Review provided by G2

What do you like best about the product?
Its robustness and features such as log grouping, as well as user and network behavioral analysis apps
What do you dislike about the product?
There is no SaaS usage option for the tool
What problems is the product solving and how is that benefiting you?
Compliance with audits


    Everton N.

Very practical to use

  • October 13, 2023
  • Review verified by G2

What do you like best about the product?
IBM's SIEM is a very powerful tool, easy to use and adapt, I'm using it in my current job and I'm learning a lot because the community and support offered by IBM are very good.
What do you dislike about the product?
Unfortunately, the cost to obtain certification is very high considering the exchange rates. The dollar and real relationship gets in the way a little. I think that more attractive prices for users in Brazil could attract more users.
What problems is the product solving and how is that benefiting you?
Bug fixes that currently affect the QRadar SIEM that I use at work.