IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Single pane security solution
What do you like best about the product?
It comes with a hybrid strategy that really helped us to integrate our multi could as well as on premise infrastructure with it for seamless security vulnerabilities monitoring.
What do you dislike about the product?
The integration process with Azure is bit messy.
What problems is the product solving and how is that benefiting you?
Malicious traffic, DDoS Threat detection, Admin user vulnerability.
- Leave a Comment |
- Mark review as helpful
Complete SIEM solution
What do you like best about the product?
Huge variety of integrations available with multiple mechanisms
What do you dislike about the product?
Visibility of data is not really good in finding the context of offenses
What problems is the product solving and how is that benefiting you?
Compliance
Correlation
Visibility on every Security Control
Correlation
Visibility on every Security Control
Recommendations to others considering the product:
A complete SIEM solution with multiple integrations and apps available to integrate but at the cost of less graphical context and visibility
All in one siem tool
What do you like best about the product?
Log Sources - QRadar support various range of log sources. Also we can customize and create custom log sources
What do you dislike about the product?
It would be good if the program allowed certain profiles to only see certain customer information
What problems is the product solving and how is that benefiting you?
Increased security of the company
IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.
What do you like best about the product?
I like how it integrates TI with SIEM Solution, so it will make it as a single dashboard.
The visualization looks great, the automation seems great.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.
The visualization looks great, the automation seems great.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.
What do you dislike about the product?
It needs more information for the integration part, Splunk provides it with their apps, for example if you want to integrate splunk with any solution such as Cisco ISE, there's a document for it.
So.. documentation.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.
So.. documentation.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.
What problems is the product solving and how is that benefiting you?
I'm a person who likes to read a comprehensive document.IBM QRadar seems to be it.IBM QRadar seems to be it.IBM QRadar seems to be it.
As I work as a TI person and in SOC team, adding them both in a single solution made it great for me.
As I work as a TI person and in SOC team, adding them both in a single solution made it great for me.
Recommendations to others considering the product:
Look for the documents and how it is integrated with your other existing solution first.
Then contact IBM for further consulting as it will definitely help you in that part.
IBM QRadar seems to be it.
IBM QRadar seems to be it.
IBM QRadar seems to be it.IBM QRadar seems to be it.
IBM QRadar seems to be it.
IBM QRadar seems to be it.
Then contact IBM for further consulting as it will definitely help you in that part.
IBM QRadar seems to be it.
IBM QRadar seems to be it.
IBM QRadar seems to be it.IBM QRadar seems to be it.
IBM QRadar seems to be it.
IBM QRadar seems to be it.
A good product at optimum cost
What do you like best about the product?
Ease of use to navigate. Correlation engine is good.
What do you dislike about the product?
Rule creating functionality is limited. You can only create rules as per specified template of QRadar. For you to create rule by yourself by writing some query you have to learn AQL.
If I have to learn AQL what is the point of QRadar rule template then. Why not allow rule creating using AQL only.
If I have to learn AQL what is the point of QRadar rule template then. Why not allow rule creating using AQL only.
What problems is the product solving and how is that benefiting you?
Problems are mainly w.r.t organisation compliance.
We have all the logs at a single place and thus helps in effective organization monitoring.
We have all the logs at a single place and thus helps in effective organization monitoring.
Recommendations to others considering the product:
It is a good product but considering changing times and cost involved you should consider a product which can house a datalake or data warehouse. It caters to a lot of your requirements. It can handle 2k EPS as well as 1 Lakh EPS.
IBM QRADAR
What do you like best about the product?
QRADAR provides excellent display of logs which is convenient for user to understand.
What do you dislike about the product?
IBM QRADAR certification is expensive for young professionals., there should be price cutting in it.
What problems is the product solving and how is that benefiting you?
I can save my infrastructure from outside cyber threats.
One of the best SIEM systems I worked with
What do you like best about the product?
The GUI is nice and easy to understand..
What do you dislike about the product?
The complexity of creating new rules could sometimes be frustrating.
What problems is the product solving and how is that benefiting you?
We use us as a monitoring system and security events alerting system and vulnerability scanner.
Recommendations to others considering the product:
You will need lots of external service provider hours to work and manage the Qradar SIEM.
Easy integrations and we'll supported documents
What do you like best about the product?
Supported documents, parsing and default rule correlation. Easy query based searching and convenient UI based structure helps to quickly investigate or go through logs.
What do you dislike about the product?
Vendor support was not so good however can be managable with available documents
What problems is the product solving and how is that benefiting you?
Support at the required time was not provided. Centralized DSM structure and default event ID were useful and helped in easy import and export during custom DSM creation
Recommendations to others considering the product:
Easy Administration and parsing. Only one thing found negative is timely support from Vendor, rest all looks good.
QRadar is a great SIEM solution
What do you like best about the product?
-Vulnerability Assessment
-Viewing information about historical correlation runs, Historical correlation
-Viewing information about historical correlation runs, Historical correlation
What do you dislike about the product?
API Integrations with some products and unsupported for SE linux
What problems is the product solving and how is that benefiting you?
Event Alerts, Analyzing the data and resolving the issue in the network. Easy as just plug and play, Integration with Vulnerability Manager and Risk Manager.
Recommendations to others considering the product:
I strongly recommended it. Because it fulfills our requirements. This is not a one of SIEM, this SIEM solution is perfect for collecting all logs from devices and endpoints and it maximizes visibility on the network, removes gaps/lapses and lack of monitoring.
A one stop solution for all your SIEM needs
What do you like best about the product?
Offenses, Out of the box support for so many devices, Custom Rules, Fast searches, Apps
What do you dislike about the product?
User Interface, it could definitely be better.
What problems is the product solving and how is that benefiting you?
Improving the security posture and monitoring of all kind of anomalies and suspicious activity inside my environment.
showing 281 - 290