We performed a comparison between IBM Security QRadar and Secureworks Taegis ManagedXDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Binary Defense has a human service department that provides live monitoring for our systems."
"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"The best part about Binary Defense MDR is that it runs on everything, and they keep an eye on things 24/7."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The most valuable feature is reviewing tickets and the notes added by technicians."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"There are a lot of great out-of-the-box features included."
"The solution is flexible and easy to use."
"Vulnerability detection is the most valuable feature. It's the tool that finds the threats."
"It saves a lot of time. We integrate the customer's firewall with all their networking devices."
"It is incredibly easy to deploy. All the appliances are flexible in the roles that they serve and are all managed the in the same way."
"The solution can scale."
"The best feature of IBM QRadar is visualization which shows you when there's a spike in the system, and this makes you realize that there's something wrong with the log."
"This solution has excellent security analytics."
"This solution gathers the information logs from all devices and correlates all the information. It notifies us of any critical events taking place across our networks which has been valuable."
"The most valuable feature is the fast alerting and response time."
"There are some patent pending detectors within the platform that provides a lot of value."
"The most valuable features are IDS and IPS."
"We don't have a full SOC, so it's helpful to have them sifting through our alerts and only bringing actionable items to us."
"The pricing is flexible."
"The solution definitely made us way more aware of the possibilities out there."
"It provides more visibility and more control over endpoints. It reduces the noise. It clears things and only shows things that are really important. It only shows those things that need to be looked at or need to be investigated further. Other similar solutions give you a lot of alerts and other things, but Secureworks gives you a defined or less noisy view so that you can work or focus on things that are important in terms of investigation, response, and remediation."
"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."
"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."
"The dashboard and reports are not user-friendly or efficient so are of little help with threat hunting activity."
"We would like to see better instrumentation for debugging changes in the log flow."
"The released patch quality is poor. IBM should test those patches on their side, not on the client's side."
"The product is good, but one feature they should have is an Elasticsearch. Currently, in QRadar, there are no Elasticsearch criteria."
"IBM QRadar User Behavior Analytics is good, but I think the functionality should be much more integrated. You should have easy access to the artifacts if you are doing a particular investigation. It's good, but other team solutions like LogRhythm are actually merging the functionality. So, I think that is something IBM can work on."
"There is one problem with QRadar in regards to the add-on apps. The apps can be frustrating. For example, when I add a big app like one of the add-ons for resiliency, add-on applications for QRadar, these applications require different hardware to implement and to deploy. The resiliency connector because there's a considerable amount of data scanning, operates for these apps correctly."
"Right now, if you look at the compatibility, if you need to deploy QRadar in a physical appliance you have only two choices of server, their own or a Lenovo server. In today's world, you cannot keep something tied to such a big brand. Clients want to be able to use whatever type of server they want."
"The biggest problem was built on top of the QRadar in the executive operations center network. The integration was not using the network security specialist properly, and all the incidents were inferior with QRadar. Its compatibility is not really good."
"It would be nice if the solution were a little more affordable."
"In terms of ROI, I'd be surprised if there is any investment return on the SIM."
"In the next release of this solution, I would like to see file integrity monitoring."
"Tamper-proofing or tamper protection is still pending in Secureworks. Tamper protection will make it more secure. If I'm an admin of a device, I can uninstall an agent without the knowledge of the security or Secureworks admin. If someone gets hold of one endpoint with admin credentials, he can remove anything, and an organization will lose visibility. They need to work on providing more visibility across endpoints. A couple of times it has happened that the cloak agent is there, but it did not get activated, or there were some issues. The machine was restarted, but the cloak agent didn't run. In such cases, you have to troubleshoot. It is a big issue if a cyber attack is happening, and your machine is rebooted, but the events are not captured."
"This solution could be improved with a higher degree of automation such as automated emails, triggers and defining the severity of the cases."
"The integration with the Carbon Black sensor could be better. ManagedXDR doesn't seem to know how to extract the forensic data from an endpoint that was quarantined by Carbon Black."
"We did a PoC of their next-gen antivirus product, but it wasn't ready yet. It was underdeveloped and caused a lot of issues. We'd like to move away from Carbon Black, but they said that it's probably still not to a point where we'd be happy with it. Carbon Black and RedCloak seem to work fine for us."
"The integration would look better with other products, with other EDRs, with other firewalls, with other older versions of firewalls, and the versions of software and hardware."
More Secureworks Taegis ManagedXDR Pricing and Cost Advice →
IBM Security QRadar is ranked 10th in Managed Detection and Response (MDR) with 198 reviews while Secureworks Taegis ManagedXDR is ranked 8th in Managed Detection and Response (MDR) with 13 reviews. IBM Security QRadar is rated 8.0, while Secureworks Taegis ManagedXDR is rated 7.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Secureworks Taegis ManagedXDR writes "Offers proactive threat hunting and actively examines our environment". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Secureworks Taegis ManagedXDR is most compared with CrowdStrike Falcon Complete, SentinelOne Vigilance, Rapid7 MDR, Trend Micro Managed XDR and Huntress. See our IBM Security QRadar vs. Secureworks Taegis ManagedXDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.