IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
IBM QRadar
What do you like best about the product?
Complete suite of products.. ease of use
What do you dislike about the product?
Nothing at the moment.. licence costs could be lower
What problems is the product solving and how is that benefiting you?
Single source for monitoring for our agents. Easy to colorate and plugin multiple sources of input
Recommendations to others considering the product:
Can recommend
- Leave a Comment |
- Mark review as helpful
One of the leading SIEM Tools for enterprise settings for threat analysis and correlation
What do you like best about the product?
It is helping security teams to reduce manual workload by automating all security monitoring processes by implementing the Zero Trust security model and it also supports multiple protocols to ingest logs and events from multiple endpoints to make it more diverse in terms of device vendor support.
What do you dislike about the product?
IBM QRadar is somehow hard to configure compared to other vendors and onboarding log sources or assets can sometimes prove to be a hectic process
What problems is the product solving and how is that benefiting you?
We used QRadar as a Security Operations Monitoring tool in our SOC
Recommendations to others considering the product:
An organization should first consider the business requirements as this tool might prove to be costly and it will only make business sense if ROI is acceptable there should be skilled administrators and analysts to operate this tool to get the best out of it
It was good
What do you like best about the product?
The content of the course is good. It has good practical hands-on exercises that helps to understand and grasp the concepts.
What do you dislike about the product?
The content could have had more sessions on analysis of alerts.
What problems is the product solving and how is that benefiting you?
I started off with Qradar architecture. But it had more in-depth concepts and made us to understand the core concepts of Qradar.
Recommendations to others considering the product:
IBM Qradar had an edge on other siem tools. It is very user friendly and anyone can learn so easily.
very versatile and convenient program
What do you like best about the product?
The program is very powerful and versatile. we were able to set up integration on it with our various equipment and servers (Juniper. Aix. Unix. Oracle)
What do you dislike about the product?
it's a bit difficult to write parsers, but if you have experience in programming, then it's possible
What problems is the product solving and how is that benefiting you?
it became more convenient to respond to incidents and it became easier to recognize hacking attempt
Recommendations to others considering the product:
Universality, you can write your own parser without much programming skills, solves many problems
The UI although has everything in place, but it looks a little cluttered.
What do you like best about the product?
The ease of making correlation rules using building blocks.
What do you dislike about the product?
The overall appearance of the dashboard.
What problems is the product solving and how is that benefiting you?
Used it for security monitoring.
We receive offences based on the log sources and rules and it helps have an insight what's going around in the organization.
We receive offences based on the log sources and rules and it helps have an insight what's going around in the organization.
Recommendations to others considering the product:
The overall efficiency of the User Interface can be improved.
It's sometimes difficult to go through the Network flows.
Also, adding comments to offences can be made more user friendly.
It's sometimes difficult to go through the Network flows.
Also, adding comments to offences can be made more user friendly.
Qradar Review
What do you like best about the product?
User experience, log integration, threat intelligence
What do you dislike about the product?
Parsing is not happening for fee devices
What problems is the product solving and how is that benefiting you?
Security of our organisation
More than 3 years of working experience with IBM QRadar
What do you like best about the product?
Easy to use. It has the best features like UBA, USE Case Manager, Watson Advisory etc. Mapping to MITRE attacks, IBM Thread Intelligence is among very useful tools security guys use on a daily bases.
What do you dislike about the product?
The default dashboard should be well designed. Also, I have some issues with the integration of Huawei customized devices but the issue was not at the QRadar end.
What problems is the product solving and how is that benefiting you?
Monitoring network security posture, Threat Hunting, type of communication, violations of user access rights, device misuse, and violations of configured rules.
Recommendations to others considering the product:
Have working experience with other SIEM solutions as well and I have found this tool easy to deploy and configure.
Qradar is the best SIEM solution
What do you like best about the product?
is very friendly with the users, easy to understand and easy to use and the most important thing is that is easy to add more technologies.
What do you dislike about the product?
sometimes the tool is slow to use but the biggest problem is the correct creation of rules that allow the analysis of events
What problems is the product solving and how is that benefiting you?
We have resolved the collection, analysis and subsequent resolution of security incidents from the logs that we have been able to integrate with the tool.
Recommendations to others considering the product:
It is a complete solution that can last for many years without major inconveniences.
QRadar 'A Complete Solution for Security'
What do you like best about the product?
All the features are good and easy to understand. Pulse dashboard give us complete view of offenses and events. Also user behavior analysis gives a clear look of risky user. Use case manager is also helps to analyse rules and building blocks. Log activity, network activity gives real time events and flows.
What do you dislike about the product?
Every features are useful. I like all the features and app host. Also content extension helps to increase reference set. Report might include more features and easy to generate.
What problems is the product solving and how is that benefiting you?
Collecting all logs and flows in qradar from all log sources. We detect bot connection in our system and mitigate the issue. It actually help to take action before any incident happen. Threat intelligence feed also help to know about threat ongoing in the globe.
Recommendations to others considering the product:
Useful tool for security. Very much recommended.
i’ve used it for quite sometime and love the sources pf data and the feeds are available.
What do you like best about the product?
Enriched data and the feeds and logs ingestion.
What do you dislike about the product?
Dashboard should be more user friendly and it should be self explanatory for ghe begineers as well.
What problems is the product solving and how is that benefiting you?
Data and Logs analysis and looking for malicious attempts
showing 121 - 130