We performed a comparison between Google Chronicle Suite and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The initial setup is very simple and straightforward."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"What sets Chronicle apart from other solutions is its emphasis on threat hunting rather than solely serving as a monitoring tool."
"The tool's most valuable feature is the search option, allowing easy navigation."
"The log folder is fairly simple."
"The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well."
"Google Chronicle Suite is a highly scalable solution with good search capabilities."
"Google Chronicle Suite provides useful APIs."
"The support team is responsive."
"The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience."
"We've found the technical support to be very good."
"IBM QRadar is great help from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot."
"It has improved my efficiency."
"Integrations are quite a useful and key feature of this solution. It has integration with the CVSS score, which is a central point for all the data and scores about the threats. There is an IBM Bluemix dashboard that is integrated with the CVSS score."
"The simplicity of the solution is the best feature."
"It comes with many rules disabled. You can tune them and modify them according to your enterprise needs and avoid false positives."
"The detection rate is good and the false positive rate is low."
"Stability-wise, I rate the solution a ten out of ten."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"The tool is complicated for a first-time user. It should also include newer APIs."
"A few areas are difficult to understand for someone who has less experience using the product."
"The solution's graphical user interface (GUI) should be more user-friendly."
"The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now."
"The configuration is not optimal."
"In terms of improvement, the UI can be a bit challenging for beginners."
"The tool is a little bit difficult to use compared to Microsoft Sentinel."
"The product's default dashboard feature has a few limitations regarding availability."
"The AQL queries could be better."
"The implementation and configuration are not easy."
"The tech support is not that good."
"The pricing of the solution is a bit high. If they could lower it, that would be ideal."
"The features that could be improved include the licensing model and the dashboards and all those presentations. Overall, the user experience part can be improved."
"AI is superb but need improvements."
"I would like to see some artificial intelligence and alternative solutions."
"The technical support is poor. Mostly because when I open a PMR for IBM, I am stuck with Level 1 staff. As an engineer, nothing that I am bringing them does not require Level 2 or Level 3 support."
Google Chronicle Suite is ranked 28th in Security Information and Event Management (SIEM) with 8 reviews while IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews. Google Chronicle Suite is rated 7.8, while IBM Security QRadar is rated 8.0. The top reviewer of Google Chronicle Suite writes "Swiftly navigates and analyzes extensive datasets without significant delays ". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Google Chronicle Suite is most compared with Splunk Enterprise Security, AWS Security Hub, Sentinel, Elastic Security and Rapid7 InsightIDR, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Datadog. See our Google Chronicle Suite vs. IBM Security QRadar report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.