IBM QRadar Vulnerability Manager

 IBM® QRadar® Vulnerability Manager senses security vulnerabilities, adds context and helps prioritize remediation activities. Fully integrated with the QRadar Security Intelligence Platform, it uses advanced analytics to enrich the results of vulnerability scans to lower risk and achieve compliance. QRadar Vulnerability Manager correlates vulnerability data with network topology and connection data to intelligently manage risk. A policy engine automates compliance checks. Using QRadar Vulnerability Manager will help your security team develop an optimized action plan to address security exposures to work more efficiently and decrease costs.  

 

How Customers Use it


Centralized insights into vulnerabilities

Centralized insights into vulnerabilities

Problem:
Having a single, consolidated view of scan results to make faster, more informed decisions.

Solution:
Gain a unified view of all vulnerabilities, enhanced with context from your security analytics platform.
Vendor agnostic vulnerability management

Vendor agnostic vulnerability management

Problem:
Building a vulnerability management practice that is vendor agnostic.

Solution:
Manage vulnerability data from multiple third-party sources without disruption if you choose to replace scanning tools.
Closed loop patch management integration

Closed loop patch management integration

Problem:
Prioritizing remediation and mitigation activities.

Solution:
Leverage validated integrations to fully automate a closed loop vulnerability assessment, prioritization, and endpoint patch management process.
Real-time risk analysis and on-demand scanning

Real-time risk analysis and on-demand scanning

Problem:
The ability to apply real-time correlation to vulnerability data.

Solution:
QRadar Vulnerability Manager lets you assess your risk posture through attack path simulation and policy monitoring, plus trigger targeted scans on-demand to validate potential threats.

 

Features


Security breach prevention

By sensing over 70,000 known dangerous default settings, misconfigurations and software flaws, IBM® QRadar® Vulnerability Manager helps you take corrective action before an attack occurs. Using a Payment Card Industry (PCI) certified scanner to detect vulnerabilities, it accepts input from third-party scanners, risk management products and external databases, including IBM X-Force® Threat Intelligence and the National Vulnerabilities Database, to provide a combined view of vulnerabilities.

Single, consolidated view of vulnerabilities

An intuitive user interface provides complete visibility across dynamic, multi-layered networks. You can easily select a dashboard view and click through related tabs to review security offenses, log events, network flows, asset status, configurations, reports, risks and vulnerabilities. With QRadar Vulnerability Manager, you can make faster, more informed decisions with a single, consolidated view of scan results.

Remediation and mitigation activity prioritization

QRadar Vulnerability Manager uses security intelligence to filter vulnerabilities so you can understand how to prioritize remediation and mitigation activities. By maintaining a current network view of all discovered vulnerabilities, including details such as when the vulnerabilities were found, what scan jobs reported them and to whom the vulnerability is assigned for remediation or mitigation, it helps your security teams prioritize tasks for remediation.

Regulatory compliance automation

QRadar Vulnerability Manager helps ensure compliance by conducting regular network scans and maintaining detailed audit trails. It categorizes each vulnerability with a severity rating and an exposure score. In addition to scanning assets both internally and externally, QRadar Vulnerability Manager enables security teams to create tickets to manage remediation activities and specify exceptions with a full audit trail.

 

Read the Reports


 


Helps prevent security breaches - by discovering and highlighting over 70,000 known dangerous default settings, mis-configurations, software features and vendor flaws.


Provides a consolidated vulnerability view - across major vulnerability products and technologies


Integrates with IBM QRadar Security Intelligence Platform - for easy installation, faster time to value and reduced deployment cost


Performs intelligent, customizable scheduled and event-driven scanning - asset discovery and asset profiling for 360-degree, enterprise-wide visibility to your network.