We performed a comparison between IBM Security QRadar and Vectra AI based on real PeerSpot user reviews.
"The support is very good. We get support whenever we need it. Sometimes they respond immediately and sometimes it will be within 24 hours. We can ask them to please do it right away and they can get a request done within an hour or two."
"What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."
"It's a state-of-the-art product for security information and event management (SIEM)."
"The most valuable features of IBM Security QRadar are flexibility, IBM support, and scalability."
"I have found the most important features to be the flexibility, tech framework, and disk manager."
"The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports."
"Most valuable features include the granularity of information."
"Blocks of predefined conditions can be used to configure detection rules without having to write complicated script."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"Some valuable features of Vectra AI are that it is very intuitive and that there are only a small amount of false positives. Therefore, it's an effective solution."
"We particularly like the user experience around the dashboard, which we find to be much more straightforward than the dashboard of some of the competitive products... Vectra is a really easy system to understand and use to prioritize where we need to focus our security resources."
"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."
"The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us."
"The solution is currently used as a central threat detection and response system."
"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."
"The initial setup requires that you have somebody with the proper skill set, and it would help if the configuration were easier."
"I'm not sure about the stability just yet. We've observed a few issues and we raised a supporting ticket for it."
"The tech support is not that good."
"The pricing of the solution is a bit high. If they could lower it, that would be ideal."
"Its architecture is very complicated."
"There could be improvements made to the UI, the user interface. Though the newer version, 7.3.2, might already have this improvement in place."
"The solution lacks vendor support."
"The released patch quality is poor. IBM should test those patches on their side, not on the client's side."
"We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they send us more data that we can incorporate into our SIEM, then can correlate with other events."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"The solution's marketing is not good."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
"In education as a sector, we are looking at AI a lot in terms of how it can be used as part of the teaching and learning side of things. It would be great to have Vectra AI look at a better way to enhance the security posture related to the AI tools in our portfolio."
"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."
"There is room for improvement in the documentation. We would like to have more details on how it detects what we see."
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. IBM Security QRadar is rated 8.0, while Vectra AI is rated 8.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.