Intelligent vulnerability scanning to reduce critical exposures and meet compliance
IBM® QRadar® Vulnerability Manager proactively senses and discovers network device and application security vulnerabilities, adds context and supports the prioritization of remediation and mitigation activities. It is fully integrated with the IBM QRadar Security Intelligence Platform, and uses advanced analytics to enrich the results of both scheduled and dynamic vulnerability scans with network asset information, security configurations, flow data, logs and threat intelligence to manage vulnerabilities and achieve compliance.
IBM QRadar Vulnerability Manager helps you develop an optimized plan for addressing security exposures. Unlike stand-alone tools, the solution integrates vulnerability information to help security teams gain the visibility they need to work more efficiently and reduce costs.
IBM QRadar Vulnerability Manager correlates vulnerability data with network topology and connection data to prioritize application vulnerabilities and intelligently manage and reduce risk. A policy engine automates compliance checks, enabling risk dashboards, and historical compliance reports.
IBM QRadar Vulnerability Manager:
- Helps prevent security breaches by sensing and highlighting over 70,000 known dangerous default settings, mis-configurations, software features and vendor flaws.
- Provides a consolidated vulnerability view across major vulnerability products and technologies.
- Uses advanced IBM Sense Analytics™ to add context, identify key vulnerabilities and prioritize remediation activities.
- Integrates with IBM QRadar Security Intelligence Platform for easy installation, faster time to value and reduced deployment cost.
- Performs intelligent, customizable scheduled and event-driven scanning, asset discovery and asset profiling for 360-degree, enterprise-wide visibility to your network.
- Monitors network topology, switch, router, firewall and Intrusion Prevention System (IPS) configurations and senses conditions that create security risks. It also simulates network attacks and models configuration changes to assess their impact on security.
Helps prevent security breaches
- Uses a Payment Card Industry Data Security Standard (PCI-DSS) certified scanner to sense vulnerabilities and risks, helping security teams take corrective actions before an attack occurs.
- Accepts inputs from third-party vulnerability scanners, risk management products and external databases, including IBM X-Force® Threat Intelligence and the National Vulnerabilities Database.
- Includes an external scanning capability to provide a view of how an attacker sees the network.
Provides a consolidated vulnerability view
- Uses security context derived from logs, network flow data, asset configurations and threat intelligence sources to identify, analyze and prioritize network vulnerabilities.
- Saves labor and reduces costs by delineating non-threatening vulnerabilities—such as those found within in-active applications—focusing analysts on a smaller, actionable list of critical exposures.
- Coordinates with Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS) blocking and Virtual Patching capabilities to mitigate vulnerabilities for which no patch is currently available.
Integrates with IBM QRadar Security Intelligence Platform
- Avoids costs associated with procuring, maintaining and integrating numerous point products—uses existing IBM QRadar SIEM console, Event Processor and QFlow Collector appliances.
- Provides quick and easy installation requiring only a license key to activate.
- Uses existing IBM QRadar Security Intelligence Platform interface to help minimize training requirements and accelerate time-to-value.
- Automates regulatory compliance with collection, correlation and reporting—and provides full audit trail for compliance reporting.
- Supports virtualized and cloud environments.
Performs intelligent, customizable scheduled and event-driven scanning
- Enables scans to be dynamically triggered and launched as the result of network behavior or programmed to run at regular intervals.
- Senses when new assets appear on the network and conducts an immediate scan to keep the asset database and network topology current.
- Performs discovery, non-authenticated, authenticated and Open Vulnerability Assessment Language (OVAL) scans.
- Uses QRadar’s asset database to provide a full audit trail of vulnerability information from detection through remediation.
Take the IBM Security Self Assessment to help you identify your top pain points and learn about available solutions.
IBM Security QRadar Vulnerability Manager resources