IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Its a matured siem and fullfill almost all requirements of a good siem.
What do you like best about the product?
Ease of integration to various log sources.
What do you dislike about the product?
Gui customization and reporting needs improvement.
What problems is the product solving and how is that benefiting you?
Its correlation engine is great.
- Leave a Comment |
- Mark review as helpful
IBM Qradar is one of the best tool among other SIEM . GUI is really easy to use for Analysis.
What do you like best about the product?
It's having nice GUI with proper documentation.
What do you dislike about the product?
I've used this tool for Monitoring and Investigation purpose only so didn't find till yet.
What problems is the product solving and how is that benefiting you?
Incident Handling by performing Threat hunting.
Recommendations to others considering the product:
Very good SIEM solution to use.
In a sea of SIEM solutions, Qradar stands out for its minimalist yet effective attributes
What do you like best about the product?
The strength of Qradar is its ease of use. Even a novice user with a little idea of what rules he wants to create, can just select the rule conditions from drop down lists and create a rule in one go. It also satisfies the appetite of more powerful users who want to use AQL to write complex correlations or search queries.
What do you dislike about the product?
Qradar misses minor points on chart types offered, time-based statistics and also a better Incident handling procedure( assigning tickets to individuals and tracking until closure) would have been great. Asset management could be better.
What problems is the product solving and how is that benefiting you?
Daily monitoring of the infrastructure using Qradar SIEM rules and log activity tab. Furnishing reports to management directly generated from the tool. Visibility of the entire endpoint and network logs.
Recommendations to others considering the product:
Use Network Activity tab for packet capture, its very powerful. Build rules with few clicks with much ease.
Qradar ranks one of the best Siem product
What do you like best about the product?
It's supports most of the log sources and is friendly to use
What do you dislike about the product?
I think support team needs to be more efficient
What problems is the product solving and how is that benefiting you?
Helpful in analysis of different sources logs. Hui friendly.
Recommendations to others considering the product:
It's most user friendly
10
What do you like best about the product?
It's very simple to use. It helps IT administrators to detect and investigate incidents.
What do you dislike about the product?
In my opinion there is no such thing to dislike Qradar
What problems is the product solving and how is that benefiting you?
From one window I can see my complete network up to port level. It helps me to solve problems like any incidents. I can locate and contain problems very easily.
Recommendations to others considering the product:
One of the best solution I have ever used. It's very easy to use and integrate all devices with simple configuration. It assures integrity of logs. You can add all your log sources, monitor logs, offenses. Also you can prevent and detect attacks and investigate incidents.
IBM Qradar Recommendation
What do you like best about the product?
It is structured and easily analyze the the data or information, data is more readable as in raw format only,events are organized.
What do you dislike about the product?
User interface is not up to the Standard of the company reputation.
What problems is the product solving and how is that benefiting you?
Solving problems on alerts on clients and reporting the errors. Reporting the error is easily done and data are more efficiently classifiable.
Recommendations to others considering the product:
Qradar is a good SIEM tool and companies can adapt to IBM.
easy to use, learn, easily managed, comprehensive visibility, good offense management
What do you like best about the product?
Administration part- Parsing, Integration. Easy to scale. App add on to make enhancement in features, Multi-tenancy. Easy use for L1 analysts.
What do you dislike about the product?
old interface, difficulty with some apps
What problems is the product solving and how is that benefiting you?
Incident analysis, reporting and resolution. Threat investigation. Logs management.
QRadar offers a versatile and extensive SIEM platform with many choices of out-of-the-box content
What do you like best about the product?
QRadar has a solid ecosystem of value-added integrations. User Behavior Analytics ,Watson AI ,Includes strong support for network data monitoring.
What do you dislike about the product?
Not so much for integration and deployment, and service/support as other competitors
What problems is the product solving and how is that benefiting you?
IBM QRadar Advisor with Watson provides automated root cause research for identified threats.
Best in the current market
What do you like best about the product?
The correlation engine and the easiest GUI to work with. The support is very good. Easy deployment.
What do you dislike about the product?
Doesn't support integration with SOAR ,ELK or other SIEM.lack of GUI customization.Heavily use of machine learning.
What problems is the product solving and how is that benefiting you?
Easiest and fastest to setup in new environment. It doesn't need lots of time to get used to.Its automated monitoring helps to detect threats faster and gives great visibility of the infrastructure.
IBM Q-Radar Executive Review
What do you like best about the product?
There are a number of SIEMs on the market today but not all are created equal, QRadar stands the top for ease of use
What do you dislike about the product?
Nothing at the moment, eagerly waiting for further updates
What problems is the product solving and how is that benefiting you?
Mass Assignment with the work and managing organization
showing 231 - 240