IBM Security QRadar SIEM v7.4.3 (BYOL)
IBM Security | IBM Security QRadar SIEM v7.4.3 (BYOL)Linux/Unix, Red Hat Enterprise Linux RHEL-7.7 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
accurate tool
What do you like best about the product?
Accurate tech- seemless integration for analysts
What do you dislike about the product?
time consuming for initial set up but then it was easy to add on
What problems is the product solving and how is that benefiting you?
ingesting security events and providing advanced analytics t osecurity team
- Leave a Comment |
- Mark review as helpful
Consolidated security solution providing real-time visibility, threat detection and management
What do you like best about the product?
QRadarr provides Admin Friendly user interface which makes its configuration and deployment very easy. Its correlation engine and built-in rules in my opinion is best when compares to other SIEM Solutions
What do you dislike about the product?
Legal and Compliance 2- Pro-active threat monitoring and alerting capability to Prevent potential security breaches
3- Better reporting, log collection, analysis and retention
3- Better reporting, log collection, analysis and retention
What problems is the product solving and how is that benefiting you?
We have been using QRADAR for past 10 years.Qradar SIEM is one of the most powerful and advance siem solution. We have integrated existing network and security solution data sources with Qradar to ingest logs and security events to provide us single dashboard for all the security incidents and malicious user activities to enable proactive incident response. We have integrated our Forcepoint firewall with QRADAR using syslog to improve overall security posture and to have a real-time visibility of Web activity logs, including URLs visited, malicious file downloads, data exfiltration , detection of advanced persistent threats and zero day attacks.
Collect and parsing log
What do you like best about the product?
We use IBM Qradar to collect log for our customer, log have different server, computer , switch, firewall ecc and in this way we have one Siem that help us to collect and extend data retention of customer log, create different use case and generate offense for malicious activity
What do you dislike about the product?
the cost of this solution is more expensive compare with competitor
What problems is the product solving and how is that benefiting you?
Collect all type of log and for our customer that have different system is the best solution
QRadar the best SIEM
What do you like best about the product?
The scalability of the platform allows seamless integration with different products, enabling efficient correlation of events from different log sources.
What do you dislike about the product?
Initial implementation and customisation can be challenging and require significant time and expertise to adapt the system to the specific needs of the organisation.
What problems is the product solving and how is that benefiting you?
By analysing large amounts of data in near real time, QRadar identifies both known and unknown threats.
QRadar's Strengths: Impact of Intuitive Interface and Easy Integration
What do you like best about the product?
One of Qradar's strenghts is certainly the intuitive user interface, which can help less experienced users move more easily within SIEM pages. One other good thing is the scalability and easy integration with most of the products on the market, which is critical for correlating events from different log source types.
What do you dislike about the product?
The main problem encountered in 5 years of product is the the technical support received from IBM in case of major problems. Working in cyber security, I believe that response times are a fundamental point, in a world where even a few minutes can make the difference
What problems is the product solving and how is that benefiting you?
Working in a Cyber Security Operating Center with IBM QRadar Siem i can monitoring a lot of different types of host oncustomer's infrastrcuture.
QRadar- an ideal SIEM solution
What do you like best about the product?
The features like advanced threat detection, user friendly UI, scalability, AI powered automation etc. are good offerings from QRadar. And I like these features.
What do you dislike about the product?
I found some difficulties in the initial setup , customization limitation, delayed response time when load is high. If the organization size is small, then cost to acquire QRadar license can be high which makes it inaccesible.
What problems is the product solving and how is that benefiting you?
IBM Security QRadar SIEM is solving log management, risk management, incident response, threat detection etc. And prevention is better than cure. It is good to remain alerted before threat agent could do any harm.
IBM Qradar review
What do you like best about the product?
It helps into deep packet inspection to identify threat as well correlate the data for analysis and threat hunting.
What do you dislike about the product?
Cannot handle large data sets requires and ELK for data injections, memory intensive which increases the chances of instability, the latest version doesn't have a gpt kind of functions which helps adminstrator run simple query to get output as not every one can learn the query language
What problems is the product solving and how is that benefiting you?
Qradar help provide a good siem function which strengthen our society team in deep packet analysis to identify threats and help mitigate via incident response.
Intuitive after prolonged use
What do you like best about the product?
It has several options and the API ends up being very interesting to use for those who understand the subject.
It ends up being easy to implement using the documentation presented.
It ends up being easy to implement using the documentation presented.
What do you dislike about the product?
Several tabs are opened when viewing an event, something that was supposed to be simple ends up getting in the way.
What problems is the product solving and how is that benefiting you?
Making the environment we use safe
Siem since the implementation and exploitation of the application
What do you like best about the product?
easy deployment and integration with your collectors
What do you dislike about the product?
When integrating equipment that is not natively registered, parcing is cumbersome.
What problems is the product solving and how is that benefiting you?
Critical equipment alerts and active monitoring, benefiting possible attacks or vulnerabilities to the monitored systems
Qradar - A Complete SIEM Platform
What do you like best about the product?
Qradar is easy to handle tool. Qradar provides a good log or flow search experience. It is easy to handle the offenses as correlation works great and we are able to see any previous offense from the same attacker.
What do you dislike about the product?
There is only one thing which I dislike about Qradar is its dashboard experience. Qradar has very old fashioned dashboard. They added pulse for better dashboards but they discontinued it.
What problems is the product solving and how is that benefiting you?
Qradar is a complete SIEM tool platform which provides great correlation of the events so that we can get concrete offenses rather than false positives. Multiple search filters allow us to get data more accurately and precisely. Using its UEBA we can generate offenses related to user or behaviour anomalies.
showing 1 - 10