We performed a comparison between IBM Security QRadar and Cynet based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Cynet offers strong ransomware protection and an intuitive interface. IBM Security QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Cynet needs to expand device support and add customization options. Users suggest improving network monitoring and strengthening integration with other tools.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. Cynet's customer service is consistently lauded for its excellence. They have a dedicated support team that is available round the clock, and they also have a contingency plan for urgent incidents.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Cynet’s setup is highly efficient, with the ability to configure thousands of devices quickly.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. Customers generally think Cynet is affordable and a good value for its features.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Cynet yields an excellent ROI by preventing cyberattacks and safeguarding sensitive data.
Comparison Results: Our users prefer IBM Security QRadar over Cynet. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management.
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"I have found the ability to delete unwanted threats beneficial."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The feature that I have found most valuable is that the configuration and the usage of the product are not so complicated. For people responsible for using this infrastructure for the first line of workstation monitoring, it's quite easy to use."
"It can be deployed in autonomous mode, and then it automatically blocks malware threats."
"The feature I find most valuable, is the reality graphical user interface."
"The most valuable feature is the monitored support behind it."
"It is quite stable. I would rate the stability of the solution a nine out of ten."
"Cynet is unique in that it has almost everything included and it was built up from the ground, instead of a bundle of purchased and composed modules. It gives you easier very good visibility than Sentinel One as well as a lower maintenance burden."
"A reliable security system that automatically quarantines anything suspicious."
"I like the Cynet Correlator™ feature."
"One very useful feature is the plug-in offering that allows you to integrate it with other solutions, such as integrating it with plug-ins like Scout, Carbon Black, and the rest."
"The simplicity of the solution is the best feature."
"This console gives you the entire view, which makes life easier and allows you to take precautionary measures."
"It protect us from multiple authentication values, unauthorized access and antivirus threats."
"A nice benefit is when we go to the process of selecting our youth cases, they go by building blocks. QRadar links it to building blocks."
"The solution is reliable."
"No doubt about it, the solution is extremely stable."
"QRadar shows very effective correlations. If you combine all the logins plus user behavior and the current intelligence, it gives a very good correlation for business. I think it reduces the false positives in user activity monitoring because there is a lot of social information to correlate with other data."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The web filtering solution needs to be improved because currently, it is very simple."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The reporting is a little weak and could be improved. The other downside is that Cynet does not use the local time zone. It's based off of Greenwich Mean Time."
"A support center in Asia is needed."
"The inability to add contact information inside the Cynet is also an issue because it makes things more complicated. I would like to have a simple feature to enter a contact name and number for the person taking care of that unit or that server."
"The solution lacks URL filtering."
"SIEM - Although with their Centralised Log Management Cynet has created the basis for SIEM functionality, this is to be expanded in the near future."
"They have some things in the pipeline, we understand, and they're going to be able to support Android and all these other devices soon. The key is the devices - which is an aspect that is lacking right now. Every company has that problem, not just Cynet."
"I would like to see more emphasis on building the data lake and storing all endpoint data in the enterprise data lake so that data mining can be performed"
"Could have better integration with other security applications."
"It doesn't have a SOAR system by default. You need to purchase it additionally, which is the main problem with QRadar."
"The whole process for support is something that needs to be improved."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
"The API integration for AD is a problem when it comes to vulnerability management. If you want to incorporate multiple factor authentication it becomes a problem with the AD. It doesn't integrate well. That needs to be improved."
"If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage."
"The dashboard and reports are not user-friendly or efficient so are of little help with threat hunting activity."
"The threat intelligence functionality can be better. In addition, it can have more monitoring capabilities."
"The biggest problem was built on top of the QRadar in the executive operations center network. The integration was not using the network security specialist properly, and all the incidents were inferior with QRadar. Its compatibility is not really good."
Cynet is ranked 4th in User Entity Behavior Analytics (UEBA) with 35 reviews while IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews. Cynet is rated 8.8, while IBM Security QRadar is rated 8.0. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security. See our Cynet vs. IBM Security QRadar report.
See our list of best User Entity Behavior Analytics (UEBA) vendors, best Endpoint Detection and Response (EDR) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.