IBM Security QRadar SIEM v7.5.0UP4 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.5.0UP4 (BYOL) | Linux/Unix, Red Hat Enterprise Linux 7.9 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Very functional
What do you like best about the product?
The performance is very good; as it is a local appliance, it ends up having a gain compared to other players. It is very easy to create use cases and filtering with simple language.
What do you dislike about the product?
There aren't many intuitive dashboards; all views have to be built manually. Its interface doesn't help much; some discontinued items are not removed from the tool, only information appears that you must click elsewhere. There is a great demand to support the environment's infrastructure.
What problems is the product solving and how is that benefiting you?
This brings visibility to the environment. We use it as the basis for the SOC. The UBA user behavior analysis is very rich and helps a lot in security insights.
QRadar SIEM in short
What do you like best about the product?
Maintaining, availability, and scalability of the product
What do you dislike about the product?
I would like to see more of a query based search optimisation.
What problems is the product solving and how is that benefiting you?
Searching parameter fields can be much more properly organized and AQL should be much more user-friendly.
QRadar is complex, but extremely capable.
What do you like best about the product?
The most helpful and important parts of QRadar have to be the integrations it supports.
Most major software solutions and log sources are easy to integrate using existing readily available modules.
It was good to be involved in the development of QRadar, and IBM was always receptive to feedback.
What do you dislike about the product?
The interface was very aged, but was being actively developed.
QRadar has been around for longer than other SIEMs, and it shows in both good ways and bad ways.
When compared to other SIEMs I am familiar with, QRadar was complex and not easy to understand without some training and experience.
However, the capabilities of the system balance this barrier to entry.
What problems is the product solving and how is that benefiting you?
It allows the consolidation of logs in the first instance, which by itself is invaluable for compliance purposes.
It goes further to allow the analysis of these logs, looking for anomalies and potential security threats.
Generally, this is the role of a SIEM, but QRadar does do an excellent job of this.
In terms of SIEM, I consider this one of the best on the market.
What do you like best about the product?
Its robustness and features such as log grouping, as well as user and network behavioral analysis apps
What do you dislike about the product?
There is no SaaS usage option for the tool
What problems is the product solving and how is that benefiting you?
Compliance with audits
Very practical to use
What do you like best about the product?
IBM's SIEM is a very powerful tool, easy to use and adapt. I'm using it in my current job and I'm learning a lot because the community and support offered by IBM are very good.
What do you dislike about the product?
Unfortunately, the cost to obtain certification is very high considering the exchange rates. The dollar and real relationship gets in the way a little. I think that more attractive prices for users in Brazil could attract more users.
What problems is the product solving and how is that benefiting you?
Bug fixes that currently affect the QRadar SIEM that I use at work.
It was an amazing journey with IBM Security QRadar SIEM...
What do you like best about the product?
It is a robust, versatile, highly customizable, business-driven security solution. It really helped us to establish and operate a 24x7x365 Security Operation Center (SOC). One of its features is called DMS Editor, where anyone can manipulate log source type or new template/type creation. It is comparatively easy to use as well as to run on non-Windows operating systems. It is also easy to implement and integrate with multiple systems. Due to its robustness, the frequency of use is quite impressive. I would specially mention the SI "Secbounty, India" and local partner "Zara Zaman Technology Ltd" for their tremendous efforts as well as support to make this project successful. IBM has very robust customer support, including lots of online manuals, references, and guidance.
What do you dislike about the product?
It is a bit costly, though to get the best support and services, cost is inevitable.
What problems is the product solving and how is that benefiting you?
We have mandatory regulatory as well as audit requirements for a 24x7 Security Operation Center (SOC), and QRadar SIEM is the backbone of the SOC. Moreover, from a security perspective as well as for incident response and digital forensics, such a solution is one of the essential requirements, which accelerated our team as well as our organization.
Experience with IBM Security QRadar SIEM
What do you like best about the product?
It is a great tool which can be used for threat monitoring, detection and response. It is User Friendly
What do you dislike about the product?
The tool's reporting and cost could be better for small or mid size companies
What problems is the product solving and how is that benefiting you?
Gives better visibility of security alerts across different platforms
Powerful and flexible SIEM tool
What do you like best about the product?
IBM Security QRadar SIEM has helped the organization with visibility and protection thanks to its incredible event correlation function and its ability to integrate with other tools.
The ability to receive large quantities of events simultaneously and correlate all the logs, turning them into alerts, has helped with the creation of offenses for later analysis by the SOC team and handling of the alert.
It is an extremely intuitive tool with great flexibility for creating alerts. It is also simple to make adjustments to create exceptions in cases of false positives.
The large number of apps for integration with third-party tools helps to further improve the intelligence and visibility of the environment with a single, centralized console.
QRadar is certainly an essential tool for having a secure corporation.
What do you dislike about the product?
I think there should be some additional conditions for creating an alert; for example, the "OR" and "THEN" conditions would certainly help for use in specific rules.
I also believe there should be improvements to creating and exporting reports directly from the Console.
What problems is the product solving and how is that benefiting you?
Its ability to provide great visibility and correlation helps the Information Security team carry out searches and respond quickly to an incident, helping the organization stay secure and keep traceability of events.
Honest review of an awesome SIEM solution.
What do you like best about the product?
I love the fact that QRadar is vendor agnostic. You can literally pull data from any data source and have QRadar ingest, correlate and then graphically present whatever you're trying to report or monitor.
What do you dislike about the product?
Not much not to like. You can do so much. Actually sometimes too much and you get lost in all its features. But that's not really a negative. I would just like to see better plugin management, to try and prevent the above scenario.
What problems is the product solving and how is that benefiting you?
QRadar makes it possible for us to ingest data from multiple sources, sometimes hundreds or thousands, and then easily build a report that is easily understandable.
Makes reporting a lot easier.
Best SIEM for our network needs!
What do you like best about the product?
IBM Security QRadar SIEM is very easy to configure. When this product was first demonstrated to us, we easily understood how it works and how it can help us in our network. All events and incidents are easy to analyze because of this tool.
What do you dislike about the product?
Right now, we are still trying to enjoy this product and we haven't found anything to dislike yet. Just make sure to properly fine tune this SIEM and make sure all devices that forward logs have sufficient value.
What problems is the product solving and how is that benefiting you?
With IBM Security QRadar SIEM, we can easily identify events and findings in our network. We can easily detect if there are threats and because of this, we can mitigate all or most of them in a short period of time.