IBM Security QRadar SIEM v7.5.0UP4 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.5.0UP4 (BYOL)Linux/Unix, Red Hat Enterprise Linux 7.9 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Qradar Review
What do you like best about the product?
Incident Alerts need to be sorted in better way , reading logs from other system sometimes need a lot of parsing
What do you dislike about the product?
Vulnerability Assessment need to be enhance
What problems is the product solving and how is that benefiting you?
centralized log management for all logs
- Leave a Comment |
- Mark review as helpful
IBM QRadar Review
What do you like best about the product?
Integration between different platforms like rapid7, etc. Flexibility in creating event rules.
What do you dislike about the product?
A bit slow when pulling logs for the last 30 days
What problems is the product solving and how is that benefiting you?
Identifying security event triggers and sudden increase in bandwidth flow
Recommendations to others considering the product:
IBM Security QRadar is a good all in one security application. It will allow you to connect different security application and customize your own rule for a much more zero-in result.
Above average product
What do you like best about the product?
Best in creating use cases. You need not to be a query master to create use case. Just need to have a logic. Hence, much user friendly.
What do you dislike about the product?
Scaling, integration with other products is a bit difficult and for minor help IBM support keeps on pushing to take their professional services help(which comes at a cost).
What problems is the product solving and how is that benefiting you?
For creating use cases, integration of other security products. Fine tuning of ise cases etc.
It's user friendly and interactive web features.
It's user friendly and interactive web features.
Recommendations to others considering the product:
Professional services should be ease out for cusromers and a lot more competitive offerings should be there i.e. cost, assistance in scaling. Client issues should be taken up very seriously. IBM support quality should be enhanced.
Greater visibility of your network
What do you like best about the product?
It can be integrate with most of the devices ( Routers, Servers, DB Servers, Critical Devices, Critical Applications etc.,), Its highly scalable and gives greater visibility also good in event management.
What do you dislike about the product?
It's much complicated in implementation and usage
What problems is the product solving and how is that benefiting you?
With the help of Qradar proactively control the security events in our organization
Recommendations to others considering the product:
Do prepare the use cases and do a proof of concept at least a month then take a right decision
I recommend IBM, since it is easy to use interface and easy to search
What do you like best about the product?
The interface is very straight forward and live events is easy to read
What do you dislike about the product?
creating correlation rule inside the interface is not easy
What problems is the product solving and how is that benefiting you?
Security incidents
Recommendations to others considering the product:
Make sure to understand the architecture of IBM before implementing it
Recommended one for SOC.
What do you like best about the product?
Customisation as per requirement and details of information in events and logs.
What do you dislike about the product?
I think technical support could have been better.
What problems is the product solving and how is that benefiting you?
Monitoring the logs of devices and fine tuning those devices with best practices.
Excellent product that works using infrastructure logs
What do you like best about the product?
Dashboards give good insights to management and technical workers. Event monitoring improves if the logs provided to qradar are specific.
What do you dislike about the product?
Unable to expand storage easily using lvm.
What problems is the product solving and how is that benefiting you?
Infrastructure security, threat intelligence, management reports on security of infrastructure.
Recommendations to others considering the product:
It's a really nice product, specially when you use threat intelligence component and Watson analyzer
Security logs
What do you like best about the product?
Ingest vast amounts of data from on-prem and cloud sources.
Applies built-in analytics to accurately detect threats.
Correlate related activities to prioritize incidents.
Automatically parses and normalizes logs.
Threat intelligence and support for STIX/TAXII.
Applies built-in analytics to accurately detect threats.
Correlate related activities to prioritize incidents.
Automatically parses and normalizes logs.
Threat intelligence and support for STIX/TAXII.
What do you dislike about the product?
You can send a denial of service. The Linux kernel used by QRadar is vulnerable to a denial of service due to an error in functionality.
What problems is the product solving and how is that benefiting you?
Use of analytics to eliminate threats .
Analyze the offenses .
Analyze the offenses .
Qradar is a best tool if you are looking for SIEM solutions. It's great tool for threat hunting.
What do you like best about the product?
It's great tool for threat hunting & log analysis
What do you dislike about the product?
It's complex somewhat , difficult to analyse the logs.
What problems is the product solving and how is that benefiting you?
We use for log reporting & Analysis
the platform is friendly and robust and It has many advantages to be exploited to the fullest
What do you like best about the product?
the platform is friendly and robust and It has many advantages to be exploited to the fullest, which are of great help in detecting vulnerabilities and threats.
What do you dislike about the product?
la sección de reenvío de eventos no está muy bien definida y desarrollada ya que he tenido inconvenientes al tratar de realizar el reenvío hacia otro siem por decisión del cliente.
What problems is the product solving and how is that benefiting you?
collection of general team events, rules for detecting threats, the benefits is that the platform already includes several rules that are highly supportive.
showing 201 - 210