Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
One of the best SIEM.
What do you like best about the product?
IBM QRadar is a SIEM that is easy to use. You can integrate different log sources. Easy to configure events and alert.
What do you dislike about the product?
Dashboard seems to be hard to read. And too expensive
What problems is the product solving and how is that benefiting you?
SOC issues like threat hunting, malwares.
- Leave a Comment |
- Mark review as helpful
Really Fast SIEM Solution
What do you like best about the product?
Best part about qradar is ability to process large numbers of events and also log management is smooth and fast
What do you dislike about the product?
As of now.. i really don't find any kind of issues while using qradar
What problems is the product solving and how is that benefiting you?
It really help to make rules as per customer requirements as their are wide variety of rules already available
Recommendations to others considering the product:
It really helped organisation's to manage security of customers very fast and in correct manner
I have a 4 year of experince kn deployment and administration and analyst of qradar.
What do you like best about the product?
Qradar is a very easy for administration and it will help the analyst to perform more analytical and threat hunting. Very good product then other siem products.
What do you dislike about the product?
Ibm support is take too much time in resolve issue. Ibm have to work on this.
What problems is the product solving and how is that benefiting you?
It help in to view whole organization overwiew. It will help in tbreat hunting it will help in automation custom dashboards etc
Recommendations to others considering the product:
Qradar is the best siem in comparision of other siem. It is easy tk manage a great visibility, very helpful in analysis.
Excellent log co-relational tool for enterprise business application security monitoring !!!
What do you like best about the product?
Gets quick insight and log intelligence.
What do you dislike about the product?
false positives findings and importing into csv.
What problems is the product solving and how is that benefiting you?
CLoud Application log monitoring and intelligence information about security.
Presales Team leader
What do you like best about the product?
Security information management and event.
What do you dislike about the product?
Nothing, everything is ok but need mor practice.
What problems is the product solving and how is that benefiting you?
Enhance the security management
Recommendations to others considering the product:
Thank you, but it needs more marketing in the GCC countries. Im suggesting to make one event in kuwait
System analysts
What do you like best about the product?
Offense's generation, logs build up. Centralized system for monitoring and management
What do you dislike about the product?
Nothing. But this product take times to make it stable. Parsing is lingering method.
What problems is the product solving and how is that benefiting you?
Vulnerability scanning, trigger false positive and much more
Very easy to use. User friendly
What do you like best about the product?
User friendly gui and easy to implement.
What do you dislike about the product?
Nothing as such noted,but as per market more features can be added
What problems is the product solving and how is that benefiting you?
It provides detailed analysis of user,server,system, and any activity going in the enviroment.It is bebeficial for detecting threats and attacks and helps ti prevent them.
Must needed SIEM tool - QRadar
What do you like best about the product?
To manage all critical events it is not simple. But IBM QRadar SIEM can help you. We are sing BM QRadar and it's really one of the best SIEM. IBM suuport makes it very issue to implement QRADAR. The IBM Qradar SIEM accurately detect and prioritize threats across the enterprise. Collect log events and network flow data from our critical devices, endpoints and applications distributed throughout our network. Quickly identify the top threats and reduce the total alert volume. Help us to investigate incidents.
What do you dislike about the product?
QRADAR data gateway is only available for QRoC also QRadar Event Collector can't be centrally managed. QRadar is more purpose-built, which means faster time to initial value, but potentially more expensive to extend.UEBA application within QRadar iss not complete, the rules are good however, a more detailed list of categorizations per users type is needed in order to have a more accurate risk scores per user sessions.
Vulnerability Scan: The outcome of the missing vulnerability patches are not quite Real-Time, it has a delay of 1 to 3 weeks in relation with the releases done by Microsoft.
SIEM: Is not build for MSSP, even if there are workarounds to it, splitting the licensing for different customers is not advantageous however, for a single environment it works good;
Vulnerability Scan: The outcome of the missing vulnerability patches are not quite Real-Time, it has a delay of 1 to 3 weeks in relation with the releases done by Microsoft.
SIEM: Is not build for MSSP, even if there are workarounds to it, splitting the licensing for different customers is not advantageous however, for a single environment it works good;
What problems is the product solving and how is that benefiting you?
The complexity of items and analytics that you can extract using this SIEM, basically as long as you have the required logs, you can customize rules, use cases, reports, statistic graphs as per your needs.Very good documentation offered by IBM for this tool.
Recommendations to others considering the product:
QRadar is must needed SIEM tool.
The best SIEM tool!!
What do you like best about the product?
QRadar has proven a really competitive product being available as cloud & Automated Intelligence solutions. It has been very effective in the overall security of Data by monitoring the systems, detecting the threats & investigating accordingly. It's a complete solution.
What do you dislike about the product?
The unwanted notifications sometimes. This generates a kind of distraction.
What problems is the product solving and how is that benefiting you?
The real-time threat detection is pretty helpful. I can take quick actions against the threats.
Recommendations to others considering the product:
Absolutely yes!
IBM Qradar actually working as real Radar. It maximize our visibility on network.
What do you like best about the product?
As my experience QRadar correlation engine in is the best of any SIEM. There are major features,
- Analyzing bulk Data
- Testing new rules
- Re-creating offenses that were lost or purged
- Identifying previously hidden threads
- Historical correlation overview
- Creating historical correlation profile
- Viewing information about historical correlation runs
- Analyzing bulk Data
- Testing new rules
- Re-creating offenses that were lost or purged
- Identifying previously hidden threads
- Historical correlation overview
- Creating historical correlation profile
- Viewing information about historical correlation runs
What do you dislike about the product?
Unsupported for SE (Security Enhanced) linux - This is mandatory
API integrations with some products - It's good to have support for some custom made applications
API integrations with some products - It's good to have support for some custom made applications
What problems is the product solving and how is that benefiting you?
- Log Sources - QRadar support various range of log sources. Also we can customize and create custom log sources with DSM Editor. (out of the box features on QRadar - IAM, Data Security, Network & Host, IPS ..)
- Easy as just plug and play, Integration with Vulnerability Manager and Risk Manager.
- Security Intelligence abilities - real time analysis, behavior analysis, anomaly detection.
- Threat intelligence feeds are high quality and very accuracy. Also Threat intelligence information can be inject from sources like IBM X-Force.
- Built-in Rules, Offences and Reports.
- Low level of false positive.
- Graphical dashboards.
- Good solution for any scale of organization
- Easy as just plug and play, Integration with Vulnerability Manager and Risk Manager.
- Security Intelligence abilities - real time analysis, behavior analysis, anomaly detection.
- Threat intelligence feeds are high quality and very accuracy. Also Threat intelligence information can be inject from sources like IBM X-Force.
- Built-in Rules, Offences and Reports.
- Low level of false positive.
- Graphical dashboards.
- Good solution for any scale of organization
Recommendations to others considering the product:
Strongly recommended. Because it fulfill 99% of our requirements. This is not an one of SIEM, this SIEM solution is perfect for collecting all logs from devices and endpoints and it maximize visibility on the network, remove gaps / lapses and lack of monitoring.
Have advanced correlation algorithms, Scalable solution.
Have advanced correlation algorithms, Scalable solution.
showing 361 - 370