We performed a comparison between IBM Security QRadar and Securonix UEBA based on real PeerSpot user reviews.
Find out in this report how the two User Entity Behavior Analytics (UEBA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I have found IBM QRadar to be scalable."
"The feature that I have found most valuable is its artificial intelligence component, Watson. Its contribution is pretty good from a machine-learning artificial intelligence perspective. This compliments the orchestration automation component, as well."
"This solution provides me with various alarms, and I have found security issues with some of my other products."
"The timeline and machine learning features are great."
"There are other third-party plugins that we can use."
"The best feature of IBM QRadar is visualization which shows you when there's a spike in the system, and this makes you realize that there's something wrong with the log."
"It has improved my efficiency."
"The initial setup is not complex or difficult."
"Their user and entity behavior analysis algorithms are the most valuable features."
"The feature dashboard is very well organized and intuitive to use. It organizes information on a timeline which is exactly what we need for insider threat future-analysis."
"One of the most valuable features is UEBA. It's pretty helpful for us to make sure of our thresholds for any of our clients."
"The custom rules could be simplified more or it should be possible to use a different language, other than the ones that the solution is already using. They should add other languages into the mix."
"I would suggest QRadar release any documentation or give an online demo, like videos on YouTube. It would increase publicity and public appeal."
"I don't look at only the features and benefits; I also look at the price. It is a bit expensive when compared with other solutions. It is expensive for specific deployment topologies, and the decision-makers go for alternatives like ArcSight. It should also have more AI features or capabilities for better threat intelligence. The more it uses machine learning, the better would be the dashboard, analytics, and other things."
"IBM technical support is always terrible."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
"SOAR is what is expected the most from QRadar. They have something called SOAR Resilient, and it would be great if that gets induced in SIEM. IBM QRadar (as well as McAfee ESM) should have analytics platform integration. Currently, SIEMs don't have full-fledged integration with analytics where we are able to dump our data in SIEM, and the same data can be called from different analytics applications. We should be able to bring this data to a platform like Hadoop for big data and run the analytics there. Currently, people are seeing the past data and taking some actions in the present, but when it comes to analytics, there should be futuristic data where you can predict something out of your present and past data. Apart from that, I would like to see a full-fledged ITSM tool in QRadar. It sometimes has some technical issues that need to be checked. It requires a dedicated QRadar engineer to completely manage it. It has different module sets, such as event collector and event processor, and some technical glitches come in between. It takes the log but doesn't exactly process it in the way we want."
"There is a lot of manual configuration required in order for the product to run smoothly, and I think that it could be made more automatic."
"IBM QRadar has outdated technology, and this is its area for improvement. When you try to implement an analytic expression, it's not updated. The solution doesn't support newer technologies, and it doesn't update regularly. For example, around the world, others implement new technologies, while IBM updates later than others."
"The area that needs improvement is reporting."
"There is room for improvement in the algorithms. Although I said that we have a very solid starting point - our existing library is already very comprehensive - we constantly find areas where we need to develop new algorithms. That is common across platforms. Any vendor with a solid starting point would still need to continue to evolve."
"When compared to others, if you look at the integration aspect, I believe that some aspects of integration can be enhanced."
IBM Security QRadar is ranked 1st in User Entity Behavior Analytics (UEBA) with 198 reviews while Securonix UEBA is ranked 14th in User Entity Behavior Analytics (UEBA) with 3 reviews. IBM Security QRadar is rated 8.0, while Securonix UEBA is rated 10.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Securonix UEBA writes "Inbuilt detection algorithms, attentive technical support, and reasonably priced". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Securonix UEBA is most compared with Splunk User Behavior Analytics and ArcSight Analytics. See our IBM Security QRadar vs. Securonix UEBA report.
See our list of best User Entity Behavior Analytics (UEBA) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
All three security solutions are defined and different smartness they hold it all depends on how is your requirement.
Securonix UEBA is a Hadoop bases UEBA technology tool the tools understand the infrastructure and users and then work accordingly. (Wide Customer industry support) (Average cost)
IBM QRadar is a SIEM with all in the composite tool can bring in UEBA and other security solution. (Wide Customer industry support) (Average cost)
Exabeam is a mathematical bases security solutioning tool, it learns infra and then provides a solution, it's a bit noisy in some instances. (Medium Customer industry support) (Costly)
If you tell us what exactly you require or how id your infra set up, then it would good to suggest a tool.