IBM Security QRadar SIEM v7.5.0UP4 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.5.0UP4 (BYOL) | Linux/Unix, Red Hat Enterprise Linux 7.9 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Qradar review
What do you like best about the product?
It supports all log source types and has a multi-tenant function; it supports nearly 450 types of device support modules, supports cloud infrastructure logs, easily integrates most log sources without any agent, and provides IBM Exchange to increase the functionality of the SIEM.
What do you dislike about the product?
It's costly compared to other SIEM tools.
Need some proper videos for integrating some of the log sources.
Need a license for some of the additional components, which will add some additional cost.
What problems is the product solving and how is that benefiting you?
It helps us see all the log sources in a single console. It has the functionality to handle multiple clients at the same time by creating different domains. It supports nearly all kinds of log sources. It has functionality to increase the license as per our requirements. It supports threat intel platforms that help us to update according to the environment.
Review of IBM QRadar SIEM
What do you like best about the product?
What I like best about IBM Security QRadar SIEM is that central log management is very effective, but the assimilation of the data and the ability to make the data actionable are somewhat lacking, as alerting and actual monitoring do not have all of the features and customization required to be an actual SIEM.
What do you dislike about the product?
OEM support is really poor; there is no default parser for Oracle 19C, which was released in 2021. No proper SLA is followed for support cases raised. Also, it has some issues with historical investigation.
What problems is the product solving and how is that benefiting you?
It follows a proactive approach, helping to find threats before they get severe and remove them with the help of analysis of the offenses. That provides deep visibility into the logs and flows to understand what is happening in the infrastructure.
QRadar is easy to use.
What do you like best about the product?
Integration of log sources is very simple compared to other SIEMs.
What do you dislike about the product?
The reporting features of QRadar are not very good compared to other SIEM solutions. Other SIEM solutions provide very good formats for reporting.
What problems is the product solving and how is that benefiting you?
Analyzing the network behaviour by analyzing the payloads. Identifying web attacks, malicious IPs, etc.
Product is largely distributed and very flexible
What do you like best about the product?
Customization and network visualization are exceptional; it uses strong analytical techniques like user behaviour and machine learning analytics for log analysis.
What do you dislike about the product?
Technological enhancements can be done, like extending APIs for detection component management and log collection from S3 buckets or any software installation. Data source or log source configuration can also be enhanced via API support.
What problems is the product solving and how is that benefiting you?
Network visualization and network-level troubleshooting in verifying interface-level configurations help in forensics; the past logs help in retrospective log analysis.
IBM Security QRadar SIEM
What do you like best about the product?
IBM Security QRadar SIEM is very helpful for searching incidents, and its dashboard shows all the events and incidents. Our whole team likes IBM Security QRadar SIEM.
What do you dislike about the product?
There is nothing to dislike in IBM Security QRadar SIEM; our team always likes IBM Security QRadar SIEM.
What problems is the product solving and how is that benefiting you?
To give free training to all, because if people are trained, more jobs will be created.
Qradar review
What do you like best about the product?
I have been using QRadar since February 2022. It is a great tool to use, and the thing I like the most about QRadar is the coalescing and group-by functionality.
What do you dislike about the product?
The interface is quite messy; the dashboards need to improve as well.
What problems is the product solving and how is that benefiting you?
I think the coalescing function helps me a lot in incident response.
System/Security Engineer
What do you like best about the product?
Providing Advanced threat intelligence and Analytics capabilities;
Log Management and Event Collection.
Integration Capability.
What do you dislike about the product?
Its complexity
Customization difficulty
Limited features
What problems is the product solving and how is that benefiting you?
Providing Advanced threat intelligence and Analytics capabilities;
Log Management and Event Collection.
Integration Capability.
Realtime Event correlation
Collecting and analyzing necessary security event data.
Investigation Easiness.
Qradar SIEM evaluation
What do you like best about the product?
QRadar is simpler and more user-friendly in comparison to RSA NetWitness or any other tool, and creation of use cases or device integration is also easy.
What do you dislike about the product?
There is nothing to dislike here, because all the documents for integration of devices or use case creation are easily available on the internet, so I can say there is nothing to dislike here.
What problems is the product solving and how is that benefiting you?
This SIEM is helping our client by analyzing the raw data and metadata and creating incidents against it, and it also helps in deep-dive malware analysis. QRadar's graphical interpretation helps our L1 analysts to detect log variations.
IBM QRadar: A Powerful and User-Friendly SIEM Solution
What do you like best about the product?
The things I like about IBM QRadar are that it has powerful threat detection and response capabilities and a user-friendly interface, and that QRadar is a scalable solution: it can be deployed on-premises or in the cloud, and it can be scaled up or down as needed. The things that I find most helpful are the ability to correlate data from multiple sources, the ability to automate threat response, and the ability to integrate with other security solutions.
What do you dislike about the product?
The things that I find least helpful about IBM Security QRadar SIEM are the lack of a built-in threat intelligence feed; the lack of a centralized dashboard, which can make it difficult to get a complete view of all security events; and the lack of integration with other security solutions, which can make it difficult to get a single view of the security posture of an organizat
What problems is the product solving and how is that benefiting you?
QRadar SIEM helps organizations solve a variety of security problems, including incident detection and response. QRadar helps organizations detect and respond to security incidents more quickly and effectively. By correlating data from multiple sources, QRadar can provide a complete picture of an incident, which can help analysts to identify the root cause and take action to mitigate the damage. QRadar can help organizations to assess and manage their security risk. By identifying and tracking threats, QRadar can help organizations to take steps to mitigate those threats and reduce their overall risk exposure.
SIEM IBM QRadar
What do you like best about the product?
The most valuable thing about QRadar is a single pane or single window into your network. It will always capture the full packet. Less overhead, like query writing. It will narrow down the search with full packet normalization. Best in behavior analysis, and less hardware utilization to run effectively.
Small to medium enterprises, and best for large organizations.
What do you dislike about the product?
The tool is excellent; there is nothing much to dislike about the product. The only thing I would say is the high cost for small organizations.
What problems is the product solving and how is that benefiting you?
Provides a centralized platform to monitor and analyze the logs and discard the false positives. Monitor the risk and scan for vulnerabilities on scheduled dates.