474 Palo Alto Cortex XSIAM Reviews
I like building use cases in QRadar. The logic is easy to understand, parsing has several options and a lot is possible to make custom use cases. Review collected by and hosted on G2.com.
It's so slow (hence Grandpa QRadar). If you ask it to move too fast, it will fall down. Adjusting use cases, especially multiple in a row, is so slow that I can read a book in the meantime. It makes me work slower.

What I like best in IBM Security QRadar EDR is its threat hunting capabilities, which provide a proactive approach to finding suspicious IOCs and anomalies within the environment, together with its IR Automation, which connects and strings together workflows and orchestrates playbooks and response actions in real time against real-time threats.
What I dislike about the platform is the alert overload, which happens when there is a surge or high volume of alerts/incidents and which could affect security analysts and their triage actions in responding to multiple events.
In addition to its advanced threat detection capabilities, IBM Security QRadar SIEM offers a range of features that make it a popular choice among organizations. One notable aspect is its centralized log management functionality.
Complexity of implementation: we have found the initial implementation and setup of QRadar SIEM to be a complex and time-consuming process. The platform's rich feature set and extensive configuration options may require experienced personnel or additional training to fully utilize its capabilities.
The log management is best in class, and the alerting and notification features make it much more useful. The API integration features make it easy to integrate SaaS-based applications. The daily use of the customized, user-friendly dashboard is one of the best features in the tool.
The cost of increasing EPS is higher, and there is a need for manual maintenance such as log clearance. Event drops because of overflow are one of the main dislikes in QRadar.

The QRadar EDR is one of my personal favorite EDRs.
As a SOC analyst I'm always receiving logs from QRadar EDR, and many of our clients use it as their EDR. The main thing I love in QRadar's EDR is the dashboards: it provides a very user-friendly home dashboard where we can see stats of all of our endpoints in a less complicated way. Also, the behavioral tree is next level; it helps us in incident response very well, and it is easy to integrate with SIEM software.
It requires some programming knowledge to develop use cases.


Seamless integration with security and ticketing tools makes routine work easy.
Very flexible customization options.
Sometimes workflows end up in errors, and the workflows have to be restarted.
Also experiences lagging/slowness sometimes.

It is a robust, versatile, highly customizable, business-driven security solution. It really helped us to establish and operate a 24x7x365 Security Operations Center (SOC). One of its features, called the DSM Editor, lets anyone manipulate a log source type or create a new template/type. It is comparatively easy to use, and it runs on a non-Windows operating system. It is also easy to implement and integrate with multiple systems. Due to its robustness, the frequency of use is quite impressive. I would especially mention the SI "Secbounty, India" and local partner "Zara Zaman Technology Ltd" for their tremendous efforts as well as support in making this project successful. IBM has very robust customer support, including lots of online manuals, references, and guidance.
It is a bit costly, though to get the best support and services, cost is inevitable.

I like the dashboard and the way it presents the overall incident details.
It has the capability to detect malicious behavior; it is easy to manage the policies and add exceptions.
I feel it's a little bit slow sometimes while opening incident details. It can be fixed, I think, in future versions.
Alert analysis is nice, showing the process tree and information about each block.
It's really easy to set up and integrate with QRadar SIEM and SOAR.
Needs programming knowledge to build your own rules.
Reports need to be improved.
Many false positives.