IBM Security QRadar SIEM v7.5.0UP4 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.5.0UP4 (BYOL)Linux/Unix, Red Hat Enterprise Linux 7.9 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Easy to understand
What do you like best about the product?
Fetching logs for investigation and analysis
What do you dislike about the product?
Use case creation conditions formatting, loading of data and putting conditions
What problems is the product solving and how is that benefiting you?
Holistic view of events
Recommendations to others considering the product:
Easy ton setup and on board devices
- Leave a Comment |
- Mark review as helpful
One of best SIEM Tool in the market.
What do you like best about the product?
Multi ways deployment for smallest to largest organization. Offenses and logs handling. Reports generation
What do you dislike about the product?
Too much of manual task. UI is bit lagging.
What problems is the product solving and how is that benefiting you?
Real time monitoring keeps tabs on what is happening in our environment at one place rather than checking each and every log source.
Recommendations to others considering the product:
Best SIEM Tool in market and affordable.
IBM Security QRadar
What do you like best about the product?
IBM Security QRadar is an SIEM tool by that we can monitor all the alerts generated by the tool. It is a centralized log collector of every security.
What do you dislike about the product?
We need to install an event collector at every place by that we can send logs to the QRadar.
What problems is the product solving and how is that benefiting you?
We can analyze logs generated by security tools like firewalls, Switch, Email Security, DNS security etc. accordingly we can take action.
Recommendations to others considering the product:
QRadar is monitor tool basically for the SOC team to monitor all the logs generated by the security tool. Every industry needs an SIEM tool to have visibility to the entire organization.
One of the best siem tool
What do you like best about the product?
Qradar is a one of the great tool for siem, if you want to monitor real time logs and also prevent any cyber attacks. There customer service is great in the industry, if you want to upgrade qradar with latest version and you stuck in between you can connect with there team and they will help you to do that..
What do you dislike about the product?
None. Everything is perfect as of my point of view
What problems is the product solving and how is that benefiting you?
Cyber attacks, helping do to threat hunting activity,real time monitoring, true postive n false positive
An SIEM with great UI, more flexible log management and explicit security use case creation process.
What do you like best about the product?
- I have worked on various SIEM technologies. IBM Qradar is one of them. One thing I liked the most about it is, It has a great UI which makes it very easy to understand all functionalities.
- IBM Qradar supports multiple types of log sources and devices that give us flexibility in integrating all kinds of necessary logs.
- It has a very easy way to manage and process Threat Intelligence.
- OEM support is great.
- Great features such as UBA and Operations App for monitoring suspicious user activities and their impact on the system. Threat Intelligence App for fetching TI
feeds, Usecase manager app to optimally configure rules for enhancing the detection mechanism and MITRE ATT&CK mapping.
- IBM Qradar supports multiple types of log sources and devices that give us flexibility in integrating all kinds of necessary logs.
- It has a very easy way to manage and process Threat Intelligence.
- OEM support is great.
- Great features such as UBA and Operations App for monitoring suspicious user activities and their impact on the system. Threat Intelligence App for fetching TI
feeds, Usecase manager app to optimally configure rules for enhancing the detection mechanism and MITRE ATT&CK mapping.
What do you dislike about the product?
- Many times the search queries get failed while fetching logs even for one week. Then we need to fetch logs by segregating the search for 3-3 days. That takes more time.
- Faced data parsing issues sometimes.
- Faced data parsing issues sometimes.
What problems is the product solving and how is that benefiting you?
- Qradar with SOAR integration automates many incident response processes such as Phishing Email investigation, Blocking of IOCs, and Responding to common
malware alerts. This has helped to reduce the overall workload.
malware alerts. This has helped to reduce the overall workload.
Recommendations to others considering the product:
- Overall IBM Qradar is a very well-organized platform and the support from the OEM is great. This tool will always be my first recommendation for any kind of small to large security operations centre management.
QRadar SIEM Service Delivery Manager
What do you like best about the product?
Content Management, Administration, Reporting, Quality & Incident Management
What do you dislike about the product?
Threat Intelligence Feeds Clean Up, Upgradation Period
What problems is the product solving and how is that benefiting you?
Multi-Tenanting & Ease of Use & Dashboards
14 years of IT experience
What do you like best about the product?
Easy to setup and scalable
faster result
good price compared to other tools like splunk
faster result
good price compared to other tools like splunk
What do you dislike about the product?
Lack some features in SAP monitoring
High Cost of AI and ML features
Can be more improved in terms of securing and integrity
High Cost of AI and ML features
Can be more improved in terms of securing and integrity
What problems is the product solving and how is that benefiting you?
We use QRadar to collect logs and monitor user activity and traffic from one site to other site. The SOC team monitor the traffic from the logs. All internet activity and the output of every device is configured to send a log to QRADER. we can view live internet traffice and all other network traffice.
Recommendations to others considering the product:
it is a best tool interm of cost and easy to setup
This is a very much good product. Users can relies without worrying.
What do you like best about the product?
The hardware is excellent. Performance is smooth.
What do you dislike about the product?
I have nothing to mention about this. I have not found any negative with the solution.
What problems is the product solving and how is that benefiting you?
The possibility of losing data is close to zero. Data is safe here.
Recommendations to others considering the product:
You can reply on IBM Security QRadar.
SIEM solution at a reasonable cost
What do you like best about the product?
1) Good GUI interface
2) Creating rules/ security usecase/alerts is very easy since we need to select appropriate conditions through drop down
3) Qradar comes at a reasonable cost
4) It works at a very optimum level in case of MSSP environment
2) Creating rules/ security usecase/alerts is very easy since we need to select appropriate conditions through drop down
3) Qradar comes at a reasonable cost
4) It works at a very optimum level in case of MSSP environment
What do you dislike about the product?
1) Dashboard creation is very difficult
2) it needs expertise to handle the Qradar during upgrades
2) it needs expertise to handle the Qradar during upgrades
What problems is the product solving and how is that benefiting you?
It is solving the monitoring of cyber security for any client environment.
Its one of the finest tools with advance capibiltes like threat intelligence integration, integration with Soar tools, performing detailed analysis of the logs, small level inbuilt ticketing system to assign and work on offenses.
Its one of the finest tools with advance capibiltes like threat intelligence integration, integration with Soar tools, performing detailed analysis of the logs, small level inbuilt ticketing system to assign and work on offenses.
It have very user friendly interface.
What do you like best about the product?
Its log activity tab which is for search
What do you dislike about the product?
It's little bit slow while we add a long search.
What problems is the product solving and how is that benefiting you?
incident response which allow analys to escalate
showing 71 - 80