We performed a comparison between IBM Security QRadar and Zabbix based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The tool is already automated in many ways, but there are some additional functions which should be automated, like sending an email, mobile notification, and integration of XFS."
"Stability-wise, I rate the solution a ten out of ten."
"Senses, tracks, and links significant incidents and threats."
"I have used IBM QRadar User Behavior Analytics in a Cloud Pak on Amazon, and there it runs on top of it and is easy to assess. Additionally, I have installed processes and characters."
"This is a good tool to have because it gives you the ability to track what is currently happening in your environment."
"This is a distributed application, meaning that a customer can stack small and then scale it so that they can expand pretty effectively. You can use, basically, the same product in an SMB or a large enterprise."
"It is very stable. We have not faced interruptions in the past four and a half years."
"The scalability is very good. It's not a problem."
"The performance and bandwidth are valuable features."
"The level of discovery-based configuration that lets us auto-configure the monitoring for various systems is a valuable feature."
"There are lots of great features and functionality within the solution."
"Zabbix is a cost-effective solution. We're a small organization with a few dozen devices to monitor, and it was available for free. We can see what we need. We haven't done an in-depth analysis on it, but we're currently okay with the product."
"Zabbix is very easy to implement."
"The integration with third-party tools and the alerts are most valuable."
"The most valuable feature is that it provides network segregation for server monitoring."
"Zabbix has a roadmap and they are continuously and frequently adding new features."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"The only thing is sometimes you can have a false positive."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"IBM QRadar User Behavior Analytics is good, but I think the functionality should be much more integrated. You should have easy access to the artifacts if you are doing a particular investigation. It's good, but other team solutions like LogRhythm are actually merging the functionality. So, I think that is something IBM can work on."
"The solution is highly used here in Pakistan and in many sectors, they could improve it by having more SIEM connectors."
"The user interface is a bit clunky, a bit hard to find what you need."
"The only problem is that if you have too many events that occur, then the storage capacity becomes a problem. We would need to increase the storage capacity."
"It is not app based."
"The technical support can be improved a little bit, and the price could be cheaper."
"QRadar needs to be more specialized, along the lines of what other SIEM solutions are."
"I have noticed the interface has room for improvement."
"Its UI should be improved. They did some improvements in version 5, but it could benefit from some more work. Its integrations should also be improved. They've been active for one year, and they seem to have noticed that. It has new integrations, but it could benefit from more integrations. As far as I know, there is no model to push statistics, metrics, or events towards Zabbix. This type of API isn't yet there, whereas some other tools provide an API for this."
"Correlation of events would be a wonderful addition."
"Even though it’s such a powerful monitoring system, it would be more helpful if it had a flexible UI."
"The dashboard and the graph section could be a little bit more professional."
"The main problem with Zabbix is that you have to spend time writing templates for all of the products that you have."
"My company wanted to do an exercise command to access IT from Cameroon. They wanted to access an FSS to a second host with second equipment that was on another coast but it is not possible on Zabbix to do it. They want to directly access from the front-end of Zabbix to access a prompt in Zabbix to an access terminal. In the front-end, there is no way to do that. That would be an important improvement."
"The APM monitoring has room for improvement, although I hear that the new 5.2 version has some improvements in that area, and I'd like to give that a go. I would like to see a few more templates out there for different styles of monitoring. I use the Grafana interface for reporting. I would also like it to have an out-of-the-box ability to email reports. You can create reports, but to be able to email those reports would be really helpful. I've got users who are not interested in logging in and generating a report. They want it all pre-canned and sent to an email address. It would also be really handy if we could pin certain reports up onto platforms such as Teams or SharePoint. A GUI for the proxy server would be cool to have for debugging purposes and for the support teams to have a look at, but I don't know whether that's really feasible to do. I get enough from the log files themselves."
"We had some scalability issues with a large number of nodes."
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while Zabbix is ranked 1st in Network Monitoring Software with 100 reviews. IBM Security QRadar is rated 8.0, while Zabbix is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Sentinel, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.