We performed a comparison between IBM Security QRadar and IBM Watson for Cyber Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"The Log analytics are useful."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"I have used IBM QRadar User Behavior Analytics in a Cloud Pak on Amazon, and there it runs on top of it and is easy to assess. Additionally, I have installed processes and characters."
"Most of the features are good. It is an excellent solution."
"This solution has allowed us to correlate logs from multiple sources."
"The most valuable features are the AI assistant, which is good at detecting known types of behavior."
"It is a bit easier to use than other products, such as Splunk or ELK Elasticsearch."
"Vulnerability data, network data and the like, are part of correlation and detection."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"Vulnerability detection is the most valuable feature. It's the tool that finds the threats."
"The customer support is very good."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing IBM add them in the next release."
"IBM Watson for Cyber Security is very stable."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"We'd like to see more connectors."
"The product can be improved by reducing the cost to use AI machine learning."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"The troubleshooting has room for improvement."
"I would like to be able to monitor applications outside of the Azure Cloud."
"There is room for improvement in entity behavior and the integration site."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"QRadar needs a lot of fine tuning"
"I would like to see a more user-friendly product."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"QRadar log integration of various applications can be a tough job at times. There may be occasions when you will not find any QRadar guide on adding logs of a particular application. Even if you come across one, adding a log process is not an easy one."
"There needs to be better integration with other applications."
"There is one problem with QRadar in regards to the add-on apps. The apps can be frustrating. For example, when I add a big app like one of the add-ons for resiliency, add-on applications for QRadar, these applications require different hardware to implement and to deploy. The resiliency connector because there's a considerable amount of data scanning, operates for these apps correctly."
"There could be better integration with the solution."
"The solution should enhance its capabilities of UEBA and AI/ML tech modeling."
"This is an expensive product, so making it more cost-effective would be an improvement."
"The dashboard could improve in IBM Watson for Cyber Security."
"They need to continue to build the AI capabilities."
"In the future, I would like to see threat intelligence included."
More IBM Watson for Cyber Security Pricing and Cost Advice →
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while IBM Watson for Cyber Security is ranked 45th in Security Information and Event Management (SIEM) with 4 reviews. IBM Security QRadar is rated 8.0, while IBM Watson for Cyber Security is rated 8.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of IBM Watson for Cyber Security writes "An innovative and stable product that is well maintained and always up-to-date". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Sentinel, whereas IBM Watson for Cyber Security is most compared with Splunk Enterprise Security and i-SIEM. See our IBM Security QRadar vs. IBM Watson for Cyber Security report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.