We performed a comparison between Exabeam Fusion SIEM and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Log aggregation and data connectors are the most valuable features."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The machine learning and artificial intelligence on offer are great."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"The advanced analytics has a really great overview of user behavior."
"Timeline based analysis; good platform support"
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The solution's initial setup process is easy."
"The setup is not difficult. It was easy."
"IBM QRadar is easy to scale, it doesn't affect the environment. In our office, we have around 40 - 50 users, but our clients have more users on their networks. Our organization has staff in the software department that manages IBM QRadar for us."
"The correlation and the parsing are important features, since it is very important for a SIEM to have a good scalability and performance."
"One of the most valuable features is its ability to integrate with other solutions. IBM has a lot of solutions and we have managed to make it work with IBM BigFix and MaaS360, and even Microsoft."
"The best feature of IBM QRadar is visualization which shows you when there's a spike in the system, and this makes you realize that there's something wrong with the log."
"The visibility it gives you into your infrastructure has been great."
"The product has plenty of features and capabilities."
"It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform."
"The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"The product can be improved by reducing the cost to use AI machine learning."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"I think the number one area of improvement for Sentinel would be the cost."
"The only problem is that the UI is not very impressive."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"They should provide detailed information about detecting phishing emails."
"The organzation is rigid and not flexible in the way they operate"
"We still have questions surrounding hardware deployment."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"The usability of interfaces could be improved."
"It is very difficult to activate all of the network equipment, and it would help if it were made easier."
"There should be easier and wider integration opportunities. There should be more opportunities for integration with CTI info sharing areas. On platforms where you exchange CTI, there should be more visibility connected to what we share, what we can reach, or what options are connected to CTI info sharing. This is one area where they could add value because we cannot integrate it easily with QRadar. If a client has a legacy or already existing solutions for CTI, we cannot ask them to forget it because we cannot guarantee that QRadar is able to deliver everything connected to this area."
"IBM QRadar User Behavior Analytics could improve machine learning use cases because they are limited and most of the use cases are rule-based. They should develop more use cases, such as in Securonix or Exabeam because they will detect a threat. Using machine learning is mainly on the correlation rules, but if you think about Exabeam or Securonix, they detect using machine learning or machine learning-based algorithms."
"The quoting and the dashboard session could be improved. It should be more user-friendly."
"GUI needs to be improved."
"IBM technical support is always terrible."
"The solution should enhance its capabilities of UEBA and AI/ML tech modeling."
Exabeam Fusion SIEM is ranked 29th in Security Information and Event Management (SIEM) with 10 reviews while IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews. Exabeam Fusion SIEM is rated 8.0, while IBM Security QRadar is rated 8.0. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Exabeam Fusion SIEM is most compared with Splunk Enterprise Security, Splunk User Behavior Analytics, Palo Alto Networks Cortex XSOAR, Gurucul UEBA and Cortex XSIAM, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Sentinel. See our Exabeam Fusion SIEM vs. IBM Security QRadar report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best User Entity Behavior Analytics (UEBA) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.