IBM Security QRadar SIEM v7.5.0UP4 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.5.0UP4 (BYOL) | Linux/Unix, Red Hat Enterprise Linux 7.9 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Good out-of-the-box parsing for various devices and good security use cases
What do you like best about the product?
Great device integration
Good apps for various security devices
Excellent network and security data collection
Excellent correlation and normalization
Very good UBA
What do you dislike about the product?
Tuning of rules and alerts requires some insights and knowledge of log sources.
Reduce the alerts generated, focus on the main alerts, and reduce unnecessary rule triggers
What problems is the product solving and how is that benefiting you?
Network Visibility.
Security Alerts from single Console.
Vulnerability Information of all assets.
Operational Information related to network. Network Traffic Visibility
One of the best tools for SOC analysts
What do you like best about the product?
QRadar is very user-friendly.
Easy to integrate other infra.
Huge support available locally as well as internationally.
Ariel Query Language helps to find the logs easily.
What do you dislike about the product?
Currently, I don't dislike any feature, because I find everything smooth.
What problems is the product solving and how is that benefiting you?
Threat intelligence, event management
Great tool to use and working is easy
What do you like best about the product?
Graphical user interface is the best and easiest to use without any conditions
What do you dislike about the product?
Learning and certificate are costly and we need to look into external training
What problems is the product solving and how is that benefiting you?
Used for SIEM, and creating filters is easy
I am SOC manager at Askari Bank and have also been managing QRadar for 5 years
What do you like best about the product?
User friendly interface
Easy to use
Provides a simple interface and can easily integrate with other infrastructure
Local and international support is easily available
What do you dislike about the product?
Parsing is not good in QRadar; most fields are not parsed by QRadar. Integration with other products is dependent on versions, and in most cases the latest versions are not supported.
What problems is the product solving and how is that benefiting you?
We are securing our environment with QRadar and also use it as a major component of our SOC; we are also using it to fulfill our compliance requirements.
Recommendations to others considering the product:
It is good software for middle-level organizations, and also for those companies which are going to establish their SOC
It is easy to deploy and easy to integrate.
Powerful Tool for Security Monitoring and Analysis
What do you like best about the product?
Threat intelligence is a powerful tool. The use case manager helps to analyze active rules and events. Also helps to understand why offense triggers. AQL helps to find the logs easily. I like the app's pulse. Very powerful apps. Get an overview of the whole network at a glance.
What do you dislike about the product?
Every feature is useful. The use case manager helps to tune the rule. Also, MITRE ATT&CK helps to use APT. The concept of reference set needs to be described more easily. Continuous flows make the processor slow. Facing problems in getting the TAXII feed.
What problems is the product solving and how is that benefiting you?
Find the vulnerability of our servers. Also aware of the malicious IPs using X-Force Exchange. The use case manager helps to fine-tune the rules. UBA helps to find out unusual activity of users. Reference Set helps to find malicious IPs like cryptocurrency mining, botnet, etc.
Recommendations to others considering the product:
Great product for threat detection and recommended support from support Forum.
One of the best for security
What do you like best about the product?
All the features are best, but I like tracking major threats
What do you dislike about the product?
There is nothing to dislike, overall product features are great.
What problems is the product solving and how is that benefiting you?
Tracking major threats
Overall good experience.
What do you like best about the product?
The add-on applications for QRadar and feasibility / ease of use.
What do you dislike about the product?
Licensing module and lack of cloud functionality.
What problems is the product solving and how is that benefiting you?
We are using IBM QRadar for log collection and as incident responder. We have realized that it is an easy-to-use solution for offense monitoring.
Recommendations to others considering the product:
I strongly recommend to use IBM Qradar.
One of the best and effective SIEM Solution
What do you like best about the product?
The product helps to identify threats or vulnerabilities hiding in the system and to find a quick solution to them. The rules and offenses can be used to work on threat secure policy. The IBM app for integration of many SIEM tools to gather logs and work on them is top-notch.
What do you dislike about the product?
Some of the queries fail while searching for data. This happens more frequently when we like depending on the timespan/amount of data returned from the search. Rerunning the queries might work or I've had to edit the query to a shorter period/more restrictive. Generally, our searches are broad to be specific, so if the first search fails then we are unable to view the data in order to see how to make it more restrictive, which can get annoying.
What problems is the product solving and how is that benefiting you?
Whenever you feel like enlarging your structure, you can add new physical or virtual devices in IBM QRadar. Also, if you are going to get your logs from a different city then it is always nice to be able to set up an event collector there and transfer it over that device.
Recommendations to others considering the product:
The overall experience with the Qradar SIEM tool is good. The IBM support team is always reachable and approachable whenever in need and the support provided by them is apt and on time. The support team ensures to prioritize the issues raised by us and ensure to get them resolved as soon as possible. Overall experience with IBM is real good
Very useful product. Get insight of events in your network
What do you like best about the product?
Threat intelligence and events correlation.
What do you dislike about the product?
Integration issues with non-IBM products.
What problems is the product solving and how is that benefiting you?
Events correlation. Incident response and mitigation.
Easy to use and Alert monitoring
What do you like best about the product?
The dashboard is most helpful to understand the summary of alerts and summary of EPS, etc. IBM Resilient, Demisto and internal portals. IBM QRadar is the best ever in SOC monitoring.
What do you dislike about the product?
Not able to monitor CCTV, Printers and scanner machines. The Asset tab is not working properly. Add dark mode for eye visibility and graphical statistics to the dashboard.
What problems is the product solving and how is that benefiting you?
To find the attempt on the network and help to mitigate the attacks before compromised. Using this we can see other activities related to the attacks. Obviously, the security of data is the best component of business.