IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
SOC Analyst
What do you like best about the product?
Help in flows at network, help in incidents
What do you dislike about the product?
Interface, maybe can be more intuitive UI
What problems is the product solving and how is that benefiting you?
UEBA for analysis users
QRadar, enhancing visibility and response against cyber threats.
What do you like best about the product?
The ease of integrating new log sources into QRadar SIEM is fascinating, its architecture for receiving various log sources quickly and simply is incredible. With intuitive interfaces and step-by-step guides in the Forum, we can install any type of log source, including the vast majority that already come with mapped events and some parses already done, and if there is no parse, you can just look for an extension in the exchange, which makes it easy to create use cases. If there isn't an option already described by IBM, you can use the AQL language to create one, so for every type of SIGMA, you can create a rule. IBM support is always available when needed; whenever I have a problem, I open a ticket and am quickly responded to. Deployment to clients is easy, not so fast, but for a SIEM, the time is to be considered. I use the tool every day, and I have used other SIEMs, and for everyone who asks me, I always say that QRadar is the best option, complete overall.
What do you dislike about the product?
I believe that the disadvantage of using QRadar is the problem with updates with bugs; sometimes IBM releases some updates that cause some apps to stop working, and this causes a problem. Another important point is that the vast majority of more advanced things have to be done via CLI, but that's just one point. Sometimes the support does not respond with what we ask for, so you have to send it again for them to understand what you requested.
What problems is the product solving and how is that benefiting you?
The QRadar SIEM helps us with real-time data analysis, allowing us to identify and respond to threats more quickly and efficiently. This leads to an improvement in our SOC, ensuring that the detection of suspicious activities is forwarded with better understanding by them.
Immediate support and appropriate solutions
What do you like best about the product?
Apps that make it possible to improve the use of logs.
What do you dislike about the product?
Improve the reports. The graphical presentation and the flexibility are not great.
What problems is the product solving and how is that benefiting you?
Visibility of incidents through the logs.
Useful for incident response
What do you like best about the product?
I like how easily searches can be done
Useful when I perform investigations
The implementation and upgrade are easy and customer support is very fast to help us when it is necessary
We use the SIEM IBM QRADAR every day to find new possibilities to bring new integrations with other systems
What do you dislike about the product?
I dislike the appearance, dashboard could be more modern =)
What problems is the product solving and how is that benefiting you?
IBM Security QRadar SIEM is helping us bring visibility from all log sources in our company.
Very functional
What do you like best about the product?
The performance is very good, as it is a local appliance, it ends up having a gain compared to other players, very easy to create use cases and filtering with simple language.
What do you dislike about the product?
There aren't many intuitive dashboards, all views have to be built manually. Its interface doesn't help much, some discontinued items are not removed from the tool, only information appears that you must click elsewhere. There is a great demand to support the environment's infrastructure.
What problems is the product solving and how is that benefiting you?
This brings visibility to the environment, we use it as the basis for the SOC, the UBA user behavior analysis is very rich and helps a lot in security insights
QRadar SIEM in short
What do you like best about the product?
Maintaining, availability, and scalability of the product
What do you dislike about the product?
I would like to see more of a query based search optimisation.
What problems is the product solving and how is that benefiting you?
Searching parameter fields can be much more properly organized and AQL should be much more user-friendly.
QRadar is complex, but extremely capable.
What do you like best about the product?
The most helpful and important parts of QRadar have to be the integrations it supports.
Most major software solutions and log sources are easy to integrate using existing readily available modules.
It was good to be involved in the development of QRadar, and IBM was always receptive to feedback.
What do you dislike about the product?
The interface was very aged, but was being actively developed.
QRadar has been around for longer than other SIEMs, and it shows in both good ways and bad ways.
When compared to other SIEMs I am familiar with, QRadar was complex and not easy to understand without some training and experience.
However, the capabilities of the system balance this barrier to entry.
What problems is the product solving and how is that benefiting you?
It allows the consolidation of logs in the first instance, which by itself is invaluable for compliance purposes.
It goes further to allow the analysis of these logs, looking for anomalies and potential security threats.
Generally, this is the role of a SIEM, but QRadar does do an excellent job of this.
In terms of SIEM, I consider this one of the best on the market.
What do you like best about the product?
Its robustness and features such as log grouping, as well as user and network behavioral analysis apps
What do you dislike about the product?
There is no SaaS usage option for the tool
What problems is the product solving and how is that benefiting you?
Compliance with audits
Very practical to use
What do you like best about the product?
IBM's SIEM is a very powerful tool, easy to use and adapt, I'm using it in my current job and I'm learning a lot because the community and support offered by IBM are very good.
What do you dislike about the product?
Unfortunately, the cost to obtain certification is very high considering the exchange rates. The dollar and real relationship gets in the way a little. I think that more attractive prices for users in Brazil could attract more users.
What problems is the product solving and how is that benefiting you?
Bug fixes that currently affect the QRadar SIEM that I use at work.
It was an amazing journey with IBM Security QRadar SIEM...
What do you like best about the product?
It is a robust, versatile, highly customizable, business-driven security solution. It really helped us to establish and operate a 24x7x365 Security Operation Center (SOC). One of its features is called DSM Editor, where anyone can manipulate a log source type or create a new template/type. It is comparatively easy to use and runs on a non-Windows operating system. It is also easy to implement and integrate with multiple systems. Due to its robustness, the frequency of use is quite impressive. I would specially mention the SI "Secbounty, India" and local partner "Zara Zaman Technology Ltd" for their tremendous efforts as well as support to make this project successful. IBM has very robust customer support, including lots of online manuals, references and guidance.
What do you dislike about the product?
It is a bit costly, though to get the best support and services, cost is inevitable.
What problems is the product solving and how is that benefiting you?
We have a mandatory regulatory as well as audit requirement for a 24x7 Security Operation Center (SOC), and QRadar SIEM is the backbone of the SOC. Moreover, from a security perspective as well as for incident response & digital forensics, it is one of the essential requirements for such a solution, which accelerated our Team as well as Organization.