IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
SOC Analyst
What do you like best about the product?
Help in flows at network, help in incidents
What do you dislike about the product?
Interface, maybe can be more intuitive IU
What problems is the product solving and how is that benefiting you?
UEBA for analysis users
- Leave a Comment |
- Mark review as helpful
QRadar, potencializando a visibilidade e resposta contra ameaças ciberneticas.
What do you like best about the product?
A facilidade de integrar novas fontes de log no QRadar SIEM é facinante, sua arquitetura para receber diversas fontes de log e de forma rapida e simples é incrivel. Com interfaces intuitivas e guias passo a passo no Forum podemos instalar qualquer tipo de fonte de log, inclusive a grande maioria já vem com os eventos mapeados e com alguns parses já feitos, e caso não tenha o parse, é só procurar uma extension no exchange, com isso vem a facilidade na criação de casos de uso, caso não tenha uma opção já descrita pela IBM voce pode utilizar a linguagem AQL para criar, então para todo o tipo de SIGMA voce consegue fazer uma regra.
O suporte da IBM sempre que necessário é possivel utilizar, sempre que tenho um problema eu abro um ticket e rapidamente sou respondido.
A implantação nos clientes é facil, não tão rapido, porem para um SIEM é de se considerar o tempo.
Utilizo a ferramenta todos os dias, e já utilizei outros SIEMs, e para todos que me perguntam, sempre digo que o QRadar é a melhor opção, completo por um todo.
O suporte da IBM sempre que necessário é possivel utilizar, sempre que tenho um problema eu abro um ticket e rapidamente sou respondido.
A implantação nos clientes é facil, não tão rapido, porem para um SIEM é de se considerar o tempo.
Utilizo a ferramenta todos os dias, e já utilizei outros SIEMs, e para todos que me perguntam, sempre digo que o QRadar é a melhor opção, completo por um todo.
What do you dislike about the product?
Acredito que a desvantagem de se utilizar o QRadar seja o problema com atualizações com bugs, as vezes a IBM lança algumas atualizações que alguns Apps param de funcionar e isso causa um problema.
Outro ponto importante é que a grande maioria das coisas mais avançadas voce tem que fazer via CLI, mas isso é só um ponto.
As vezes o suporte não responde com o que a gente pede, ai você tem que mandar novamente para ele entender o que você pediu.
Outro ponto importante é que a grande maioria das coisas mais avançadas voce tem que fazer via CLI, mas isso é só um ponto.
As vezes o suporte não responde com o que a gente pede, ai você tem que mandar novamente para ele entender o que você pediu.
What problems is the product solving and how is that benefiting you?
O QRadar SIEM nos ajuda com a analise de dados em tempo real, permitindo identificar e responder ameaças de uma forma mais rapida e eficiente.
Isso permite uma melhora em nosso SOC, fazendo que as detecções de atividades suspeitas seja encaminhada com melhor entendimento por eles.
Isso permite uma melhora em nosso SOC, fazendo que as detecções de atividades suspeitas seja encaminhada com melhor entendimento por eles.
Suporte de imediato e soluções apropriadas
What do you like best about the product?
Apps que permitem melhorar o uso dos logs.
What do you dislike about the product?
Melhorar os relatórios. A apresentação gráfica e a flexibilidade não é legal.
What problems is the product solving and how is that benefiting you?
Visibilidade de incidentes através dos logs.
Useful for incident response
What do you like best about the product?
I like how easy searches can be done
Useful when I perform investigations
The implementation and upgrade is easy and customer support is very fast to help us when is necessary
We use the SIEM IBM QRADAR everyday to find new possibilities to bring a new integrations with other systems
Useful when I perform investigations
The implementation and upgrade is easy and customer support is very fast to help us when is necessary
We use the SIEM IBM QRADAR everyday to find new possibilities to bring a new integrations with other systems
What do you dislike about the product?
I dislike the apperance, dashboard could be more modern =)
What problems is the product solving and how is that benefiting you?
IBM Security QRadar SIEM is helping us bring visibility from all logs sources in our company.
Very functional
What do you like best about the product?
The performance is very good, as it is a local appliance, it ends up having a gain compared to other players, very easy to create use cases and filtering with simple language.
What do you dislike about the product?
There aren't many intuitive dashboards, all views have to be built manually. Its interface doesn't help much, some discontinued items are not removed from the tool, only information appears that you must click elsewhere. There is a great demand to support the environment's infrastructure.
What problems is the product solving and how is that benefiting you?
This brings visibility to the environment, we use it as the basis for the SOC, the UBA user behavior analysis is very rich and helps a lot in security insights
QRadar SIEM in short
What do you like best about the product?
Maintaining, availability, and scalability of the product
What do you dislike about the product?
I would like to see more of a query based search optimisation.
What problems is the product solving and how is that benefiting you?
Searching parameter fields can be much more properly organized and AQL should be much more user-friendly.
QRadar is complex, but extremely capable.
What do you like best about the product?
The most helpful and important parts of QRadar has to be the integrations it supports.
Most major software solutions and log sources are easy to integrate using existing readily available modules.
It was good to be involved in the development of QRadar, and IBM was always receptive to feedback.
Most major software solutions and log sources are easy to integrate using existing readily available modules.
It was good to be involved in the development of QRadar, and IBM was always receptive to feedback.
What do you dislike about the product?
The interface was very aged, but was being actively developed.
QRadar has been around for longer than other SIEMs, and it shows in both good ways and bad ways.
When compared to other SIEMs I am familiar with, QRadar was complex and not easy to understand without some training and experience.
However, the capabilities of the system balance this barrier to entry.
QRadar has been around for longer than other SIEMs, and it shows in both good ways and bad ways.
When compared to other SIEMs I am familiar with, QRadar was complex and not easy to understand without some training and experience.
However, the capabilities of the system balance this barrier to entry.
What problems is the product solving and how is that benefiting you?
It allows the consolidation of logs in the first instance, which by itself is invaluable for compliance purposes.
It goes further to allow the analysis of these logs, looking for anomolies and potential security threats.
Generally, this is the role of a SIEM, but QRadar does do an excellent job of this.
It goes further to allow the analysis of these logs, looking for anomolies and potential security threats.
Generally, this is the role of a SIEM, but QRadar does do an excellent job of this.
In terms of SIEM, I consider this one of the best on the market.
What do you like best about the product?
Its robustness and features such as log grouping, as well as user and network behavioral analysis apps
What do you dislike about the product?
There is no SaaS usage option for the tool
What problems is the product solving and how is that benefiting you?
Compliance with audits
Very practical to use
What do you like best about the product?
IBM's SIEM is a very powerful tool, easy to use and adapt, I'm using it in my current job and I'm learning a lot because the community and support offered by IBM are very good.
What do you dislike about the product?
Unfortunately, the cost to obtain certification is very high considering the exchange rates. The dollar and real relationship gets in the way a little. I think that more attractive prices for users in Brazil could attract more users.
What problems is the product solving and how is that benefiting you?
Bug fixes that currently affect the QRadar SIEM that I use at work.
It was an amazing journey with IBM Security QRAdar SIEM...
What do you like best about the product?
It is a robust, versatile, highly customizable, business driven security solution. It really helped us to establish and operate 24x7x365 Security Operation Center (SOC). One of its feature call DMS Editor where anyone can manipulate log source type or new template/type creation. It is comparatively easy to use as well as run on non-windows operating system. It is also easy to implement, integration with multiple system. Due its robustness, the frequency of use is quite impressive. It would specially mentioned the SI "Secbounty, India" and local partner "Zara Zaman Technology Ltd" for their tremendous efforts as well as support to make this project successful. IBM has very robust customer support including lots online manual, reference, guidance.
What do you dislike about the product?
It is a bit costly, though to get best support and servies, cost is inevitable.
What problems is the product solving and how is that benefiting you?
We have mendatory regulatory as well as audit requirement for 24x7 Security Opertion Center (SOC) and QRadar SIEM is the backbone of SOC. Moreover, from security perspective view as well as incident response & digital forensic, it is one of the essential requirement for such solution which accelarated our Team as well as Organization.
showing 11 - 20