We performed a comparison between IBM Security QRadar and Oracle Security Monitoring and Analytics Cloud Service based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Sentinel pricing is good"
"We have no complaints about the features or functionality."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"It also has a graph that shows the traffic history. I can see what happened yesterday or today. If there's an incident, I can check the traffic behavior on QRadar."
"No doubt about it, the solution is extremely stable."
"The most valuable features are the AI assistant, which is good at detecting known types of behavior."
"The product provides a complete platform for ingesting the log, doing the correlations and handling the runtime."
"It is a very good SIEM."
"I have found visibility very helpful for analytics."
"Provided that the report is prebuilt and I can find what I am looking for, the reporting is the most valuable feature in this solution."
"It'll get you from point A to B."
"The security level that they are maintaining with the pre-authentication keys is very good."
More Oracle Security Monitoring and Analytics Cloud Service Pros →
"There is room for improvement in entity behavior and the integration site."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"The AI capabilities must be improved."
"The playbook is a bit difficult and could be improved."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"The initial setup requires that you have somebody with the proper skill set, and it would help if the configuration were easier."
"The solution should include remote action capabilities."
"They should provide more manual examples online so that I can learn it myself."
"IBM Security QRadar lacks automated response. With this feature, there's no need to visit VirusTotal or other sites for IP reputation. There should be a small plug-in where users can click to retrieve details about the reputation and organization of public IP."
"Certain updates—especially when using Azure—don't apply directly. Our engineering team must invest additional effort to implement these updates. However, the tool's cloud-based version poses no issues. However, upgrading the product can sometimes be challenging for on-premises instances."
"IBM Qradar could improve the reporting. The tool is not designed to report. It's a great operational monitoring tool. You put it on a screen and you watch it. If you want to have analytics out of it, that's a whole different story. You're going to need more people and tools. What should be added is reporting and integration into Power BI, into some capability that produces analytical reports from the source data. IBM does not seem to care to add these features."
"The advanced planning management (APM) features should be included."
"I have noticed the interface has room for improvement."
"The solution could improve by providing better documentation for beginners to learn, such as videos or other tutorials."
More Oracle Security Monitoring and Analytics Cloud Service Cons →
More Oracle Security Monitoring and Analytics Cloud Service Pricing and Cost Advice →
Earn 20 points
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while Oracle Security Monitoring and Analytics Cloud Service is ranked 43rd in Security Information and Event Management (SIEM). IBM Security QRadar is rated 8.0, while Oracle Security Monitoring and Analytics Cloud Service is rated 7.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Oracle Security Monitoring and Analytics Cloud Service writes " Easy to install, highly secure standards, and reliable". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Sentinel, whereas Oracle Security Monitoring and Analytics Cloud Service is most compared with AWS Security Hub, LogRhythm SIEM, Exabeam Fusion SIEM and Rapid7 InsightVM.
See our list of best Security Information and Event Management (SIEM) vendors and best User Entity Behavior Analytics (UEBA) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.