We performed a comparison between IBM Security QRadar and Datadog based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Datadog users like its customizable displays, error tracking, and advanced AI/ML capabilities. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Datadog could enhance its usability and reduce its learning curve. Users said integration was another pain point.
Service and Support: Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses. While many users spoke highly of Datadog’s support team, others reported slow support, especially in the Asia-Pacific region.
Ease of Deployment: QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Datadog’s setup is considered straightforward, and users often receive help from a partner or vendor.
Pricing: QRadar can be costly because users need to buy new hardware to upgrade. Opinions about Datadog's price are divided. Some users found it costly, but others thought it was acceptable. Some said the pricing model could be clearer and better explained.
ROI: QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Users said Datadog saved them time and improved visibility into security blind spots.
"Datadog's log aggregation is really helpful since it lets me and every other engineer on my team login, view, and share logs when we need to debug our application."
"This spectrum of solutions has allowed us to track down bugs faster and more rapidly, which allows us to limit revenue lost during downtime."
"The observability on offer is the most useful aspect of the product."
"Profiling has been made easier."
"The management of SLOs and their related burn-rate monitors have allowed us to onboard teams to on-call fast."
"We have found that we're able to get in and out of troubleshooting issues much more rapidly, which in turn, of course, enables us to spend more time on our products."
"Datadog has so far been a breeze to use and set up."
"Flame graphs are pretty useful for understanding how GraphQL resolves our federated queries when it comes to identifying slow points in our requests. In our microservice environment with 170 services."
"The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports."
"Most of the features are good. It is an excellent solution."
"The tool is already automated in many ways, but there are some additional functions which should be automated, like sending an email, mobile notification, and integration of XFS."
"An engineer can live-monitor all the flow happening in real-time. This would help us a lot while investigating a case, and it would even help us with preventive actions."
"I think it's a very stable product that provides much more visibility than the other product."
"The support is very good. We get support whenever we need it. Sometimes they respond immediately and sometimes it will be within 24 hours. We can ask them to please do it right away and they can get a request done within an hour or two."
"It's a state-of-the-art product for security information and event management (SIEM)."
"This is a distributed application, meaning that a customer can stack small and then scale it so that they can expand pretty effectively. You can use, basically, the same product in an SMB or a large enterprise."
"It is very difficult to make the solutions fit perfectly for large organizations, especially in terms of high cardinality objects and multi-tenancy, where the data needs to be rolled up to a summarized level while maintaining its individual data granularity and identifiers."
"Datadog is expensive."
"The documentation leaves a lot to be desired for new users."
"They should continue expanding and integrating with more third-party apps."
"The Log Explorer could be better. I don't think it has log manipulation as Splunk does."
"It can have a more modernized pricing mechanism. We're actually working with them to figure out how to become more modular and have a better and more modernized pricing mechanism. The issue with Datadog is that you have to buy the whole suite of different products, and you kind of get stuck in the old utilization of 40% of their suite. Most organizations today break down between application development, networking, and security. Therefore, there should be a way to break down different modules into just app dev, infosec, networking, etc. Customers have various needs across their business lines, and sometimes, they're just not willing to have tools that they're not using 100%. AppDynamics is probably a little bit better in terms of being modular."
"We need more advanced querying against logs."
"Sometimes, it takes a long time to load the dashboard if we have many charts."
"They should speed up the incident response and also, at the same time, reduce the amount of manual effort that is required."
"Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules."
"We have had problems with networking."
"IBM Security QRadar’s GUI could be improved."
"The features that could be improved include the licensing model and the dashboards and all those presentations. Overall, the user experience part can be improved."
"In a future release, the solution could provide malware analysis."
"There should be more opportunity for community kind of distribution where, for example, if there was a zero-day threat targeting companies."
"The only challenge is that IBM has been a closed enterprise. It should be more open to integrating with other providers at an enterprise level. We're a bank and the core banking system integration is not way straightforward and there is no integration between IBM and these products. If IBM could open up and provide a way of integrating it seamlessly, without charging more for it, that would make a big difference."
Datadog is ranked 3rd in Log Management with 137 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Datadog is rated 8.6, while IBM Security QRadar is rated 8.0. The top reviewer of Datadog writes "Very good RUM, synthetics, and infrastructure host maps". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Datadog is most compared with Dynatrace, Azure Monitor, New Relic, AWS X-Ray and Elastic Observability, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Google Chronicle Suite. See our Datadog vs. IBM Security QRadar report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.