TrustRadius: an HG Insights company

IBM Security QRadar SOAR

Score 8.8 out of 10

68 Reviews and Ratings

What is IBM Security QRadar SOAR?

IBM Security® QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks.

Media

The IBM Security QRadar SOAR Breach Response solution. The software helps customers manage more than 180 global privacy reporting regulations, including GDPR.
The Playbooks Landing page, which shows all active playbooks in a single view, including how many are actively running, disabled, or in draft.
IBM Security QRadar SOAR’s Playbook Designer canvas, designed to lower the barrier to entry necessary to build automations through a graphical interface.
The Tasks view shows all response tasks, organized by phase, that have either completed or are set to be executed.
Threat Investigator automatically correlates incident information, curating an incident timeline from start to finish, including related artifacts and MITRE ATT&CK mappings.

IBM Security QRadar SOAR Review

Use Cases and Deployment Scope

The Python-based extensions for Orchestration & Automation are really important for me within IBM Security QRadar SOAR.

Pros

  • Monitoring
  • building a playbook
  • Containment, Response and Recovery

Cons

  • Tutorials

Return on Investment

  • With playbooks and automation you can achieve high ROI

Alternatives Considered

HPE 3PAR StoreServ

Other Software Used

HPE 3PAR StoreServ

Automate incident responses with IBM Security QRadar SOAR

Use Cases and Deployment Scope

We use IBM Security QRadar SOAR to automate and improve security operations.

Pros

  • Automate incident response
  • Help analysts with high demand
  • Overview of threat landscape

Cons

  • Missing functionality
  • VirusTotal integration

Return on Investment

  • Help to respond fast to threats
  • Easy to use
  • Hard to implement

Alternatives Considered

Splunk Enterprise

Other Software Used

IBM Security QRadar SIEM, Splunk Enterprise Security (ES), Microsoft Defender for Business

IBM Security QRadar SOAR Review

Use Cases and Deployment Scope

We use IBM Security QRadar SOAR to automate our incident response process, so when an incident is generated on our SIEM, IBM QRadar, the SOAR collects the information from the offense and populates it in an incident case, allowing us to attach many artifacts to enrich our investigations and provide better visibility.

Pros

  • Enrich events
  • Triage incidents
  • Many ways to automate

Cons

  • Improving support for shell scripts
  • Improving stability
  • Improving support for Trend Micro XDR to contain threats

Return on Investment

  • Needs a developer team for automations
  • Causes downtime due to some bugs
  • Is difficult to troubleshoot without the IBM support team

Alternatives Considered

Palo Alto Networks Cortex XSOAR

Other Software Used

Splunk Enterprise Security (ES), Palo Alto Networks Cortex XDR

IBM Security QRadar SOAR Review

Use Cases and Deployment Scope

In our organization, we utilize IBM Security QRadar SOAR primarily for automating repetitive tasks to reduce the workload on analysts. It serves as a central hub for managing and orchestrating all security incidents. By enforcing predefined tasks and workflows, it streamlines incident response processes, ultimately enhancing our overall security posture.

Pros

  • Automation to Reduce Time on Analysts
  • Enforcing Tasks
  • Central Hub for All Incidents

Cons

  • Playbook UI
  • Adding new features constantly
  • Customization version control

Return on Investment

  • Reducing time = less analysts = less pay
  • Companion ticketing systems in one place

Alternatives Considered

Palo Alto Networks Cortex XSOAR, FortiSOAR and Microsoft Sentinel

Other Software Used

LogRhythm NextGen SIEM Platform, Microsoft Sentinel

Detailed view on IBM Security QRadar SOAR and alternatives.

Use Cases and Deployment Scope

We tried the IBM suite for all threat detection and resolution.

Pros

  • Dashboard and reporting are good. There is an intuitive dashboard.
  • Multi-team collaboration feature is good.
  • Automation of complex response workflows is possible

Cons

  • Customising playbooks and workflows is a bit challenging.
  • There are a few compatibility issues while integrating with some external tools.
  • Customer support is not good enough. In fact, there are a few gaps in the provided documentation.

Return on Investment

  • Faster response time for any suspected threat and mitigation. Of course this is a positive impact.
  • If properly configured for automation, then it can save resources. Although, there is a one-time extensive resource utilization involved for initial setup.
  • In some cases an organisation might not utilise its full capabilities; in that case it is expensive.

Alternatives Considered

Splunk Attack Analyzer, Palo Alto Networks Advanced Threat Prevention and Swimlane

Other Software Used

Zoho BugTracker, Google Cloud AI, Google Cloud Platform, MongoDB