IBM QRadar SIEM Pricing, Features, Reviews & Comparison of Alternatives

IBM QRadar SIEM

Security information & event management (SIEM) platform

4.73/5 (11 reviews)

IBM QRadar SIEM overview

IBM QRadar SIEM is a security information and event management platform for security analysts to accurately detect, prioritize, investigate and quickly respond to threats across cloud-based and on-premises environments. QRadar monitors the enterprise network using machine learning and AI algorithms, providing teams with intelligent insights which enable security analysts to formulate a response plan before attackers are able to damage systems, steal data, or disrupt business operations.

QRadar provides tools for advanced persistent threat detection which enable security analysts to collect data on low risk events in order to identify the high risk cyber attacks which are underway. By correlating current and historical security information, security teams are provided with a single view into the broader threat, as events related to the same threat are automatically chained together. QRadar helps security teams to formulate a response plan, speed up investigation times by leveraging cognitive intelligence, and begin activating automated incident response processes using the IBM Resilient integration.

For insider threat detection, QRadar provides advanced analytics and machine-learning algorithms to help identify high-risk activities, uncover compromised credentials, prioritize high-risk users, and alert security teams to serious incidents. Integrated identity governance solutions enable users to suspend high-risk users’ accounts to contain threats and block potential damage. Integration with cloud services including Amazon Web Service (AWS), Azure, Office 365, SalesForce, and traditional on-premises infrastructure help security analysts to better detect and respond to threats regardless of their location.

QRadar also includes tools for compliance and data privacy to ensure the protection of sensitive data for both brand reputation and compliance with regulations including GDPR. The platform alerts security teams to any suspicious activities that may signal an attempt of data theft, and continuously analyzes network traffic to detect new assets on the network. The optional vulnerability scanner feature prioritizes risks and vulnerabilities, while security features provide insights into sensitive databases and access entitlements across the network.
www.ibm.com

Pricing

Pricing options
Value for money
View Pricing Plans

Devices

Business size

S
M
L

Markets

United States

Supported languages

English
IBM QRadar SIEM screenshot: IBM QRadar extends visibility to cloud solutions and platforms by collecting, normalizing and analyzing events to help detect threats IBM QRadar: The Intelligent SIEM

IBM QRadar SIEM reviews

Excellent
8

Very good
3

Average
0
Poor
0
Terrible
0
Value for money
Features
Ease of use
Customer support
  4.7
  4.6
  4.5
  4.4
Josh Ashby

IBM QRadar SIEM

Used daily for 1-2 years
Reviewed 2019-05-20
Review Source: Capterra

Collect in secure mode all critical events from our critical resources. Identify and analysis incidents and attacks.

Pros
The IBM QRadar SIEM is a powerful tool. A mature solution to collect event and investigate incidents and attacks. The tool store in secure mode all events. The tool is easy to use. Easy to add log sources and analysis offenses.

Cons
The documentation of the tool can be more detailed.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Likelihood to recommend: 10/10

Minimize review

Luke Thompson

Accurate analysis of vulnerabilities based on accurate reports.

Used daily for 2+ years
Reviewed 2019-05-23
Review Source: Capterra

The technical capabilities of the product have allowed to provide a superior layer of security to the organization, the detection of vulnerabilities and analysis has been a key point to protect the security of the information, the integrity of the teams and the clients related to the organization.

Pros
QRadar allows analysis in an appropriate way, it allows detecting threats in real time and in this way you can initiate actions against potential vulnerabilities to the company's network, its technical strength is of quality and functionalities are consistent with the product.

Cons
QRadar is a state-of-the-art product, allowing it to be a product that allows detecting vulnerabilities quickly, but sometimes it can generate notifications that are not of such priority and this generates delays in the analysis.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Likelihood to recommend: 8/10

Minimize review

Anonymous

QRadar is the best!!!

Used daily for 6-12 months
Reviewed 2019-05-08
Review Source: Capterra

IBM QRadar is very good solution to assure integrity of logs. You can add all your log sources, monitor logs, offenses. Also you can prevent and detect attacks and investigate incidents.

Pros
Easy to use. Easy integration with log sources. Assure security of logs is easy with QRadar.

Cons
Sometime use too more resources. The user manual can be more detailed.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Likelihood to recommend: 10/10

Minimize review

Darius Olteanu

The best SIEM ever

Used daily for 6-12 months
Reviewed 2019-05-15
Review Source: Capterra

Store in secure mode all our critical events. Help to prevent and investigate attacks and incidents.

Pros
Easy to implement and administrate. Good price. The vendor offer good support. Big user community. Run fast. Easy to add and manage log sources.

Cons
Nothing. We like this tool. And recommend to other to use it

Rating breakdown

Value for money
Ease of use
Features
Customer support

Likelihood to recommend: 10/10

Minimize review

Mikhail K

Leader of SIEM

Used daily for 1-2 years
Reviewed 2018-10-10
Review Source: Capterra

We chose QRadar as this is one of the most competitive SIEMs in the market. I would suggest QRadar. It's a great product.

Pros
I have used QRadar for a few years. We run it in a big environment. The benefits are flexible and scalable architecture, efficient reporting, the data consolidation and search capabilities.

Cons
The dashboards should be improved. Generally, we absolutely satisfied with QRadar, but I did not compare it with some other tools.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Likelihood to recommend: 9/10

Minimize review

IBM QRadar SIEM pricing

Pricing options
Free trial
Subscription
View Pricing Plans

Contact IBM for pricing information

IBM QRadar SIEM features

Alerts / Escalation
Compliance Management
Monitoring
Third Party Integration

API (95 other apps)
Access Control (68 other apps)
Activity Dashboard (52 other apps)
Audit Trail (38 other apps)
Auditing (61 other apps)
Authentication (48 other apps)
Automatic Notifications (39 other apps)
Password Management (36 other apps)
Permission Management (37 other apps)
Policy Management (37 other apps)
Real Time Monitoring (41 other apps)
Reporting & Statistics (50 other apps)
SSL Security (44 other apps)
Secure Data Storage (37 other apps)
Single Sign On (42 other apps)
Two-Factor Authentication (41 other apps)

Categories

Additional information for IBM QRadar SIEM

Key features of IBM QRadar SIEM

  • Behavioral analytics
  • Network monitoring
  • Threat intelligence
  • Endpoint management
  • Detect advanced threats
  • Detect insider threats
  • Critical data & GDPR
  • Cognitive intelligence
  • Automated incident response processes
  • Block advanced attackers
  • Formulate response plans
  • Correlate current and historical security information
  • Incident forensics
  • User behavior analytics
  • Security analytics engine
  • Machine-learning algorithms
  • Identify high-risk activities
  • Incident alerts to security teams
  • Vulnerability scanner (optional)
  • Prioritize risks and vulnerabilities
  • Usage monitoring
  • Threat detection in real time
  • Third party integration
View All Features

Benefits

Discover cyber attacks sooner in the attack cycle, view all relevant events in one place, and formulate an effective response plan to block and contain advanced attackers.

Detect activities such as anomalous access to data or suspicious movement of data which may indicate an attempt to corrupt or steal sensitive information.

QRadar enables security teams to detect, investigate and react to insider threats before attackers are able to damage systems, steal data, or disrupt business operations.

QRadar's network insights help users to analyze network traffic and locate critical data, monitor usage, and detect threats in real time.

Identify and group related events by correlating current and historical security information, and prioritize alerts to the most critical threats.