Intelligent vulnerability scanning to reduce critical exposures and meet compliance
IBM® Security QRadar® Vulnerability Manager proactively discovers network device and application security vulnerabilities, adds context and supports the prioritization of remediation and mitigation activities. It is fully integrated with the IBM QRadar Security Intelligence Platform, and enriches the results of both scheduled and dynamic vulnerability scans with network asset information, security configurations, flow data, logs and threat intelligence to manage vulnerabilities and achieve compliance.
IBM Security QRadar Vulnerability Manager helps you develop an optimized plan for addressing security exposures. Unlike stand-alone tools, the solution integrates vulnerability information to help security teams gain the visibility they need to work more efficiently and reduce costs.
IBM Security QRadar Vulnerability Manager is part of the IBM Security QRadar SIEM architecture. It can be quickly activated with a licensing key and requires no new hardware or software appliances.
IBM Security QRadar Vulnerability Manager:
- Helps prevent security breaches by discovering and highlighting over 70,000 known dangerous default settings, mis-configurations, software features and vendor flaws.
- Provides a consolidated vulnerability view across major vulnerability products and technologies.
- Adds context to identify key vulnerabilities and reduce false positives.
- Integrates with IBM QRadar Security Intelligence Platform for easy installation, faster time to value and reduced deployment cost.
- Performs intelligent, customizable scheduled and event-driven scanning, asset discovery and asset profiling for 360-degree, enterprise-wide visibility to your network.
Helps prevent security breaches
- Uses a Payment Card Industry Data Security Standard (PCI-DSS) certified scanner to identify security vulnerabilities and risks, helping security teams take corrective actions before an attack occurs.
- Includes an external scanning capability to provide a view of how an attacker sees the network.
- Accepts inputs from third-party vulnerability scanners, risk management products and external databases, including IBM X-Force® Threat Intelligence and the National Vulnerabilities Database.
- Builds and maintains a single view of an organization's vulnerability posture across growing, dynamically changing, multi-layered network environments.
Provides a consolidated vulnerability view
- Uses security context derived from logs, network flow data, asset configurations and threat intelligence sources to identify and prioritize network vulnerabilities.
- Saves labor and reduces costs by removing false positives and non-threatening vulnerabilities—reduces the large number of vulnerabilities to a smaller, actionable list of true exposures.
- Correlates vulnerability data with IBM QRadar SIEM security intelligence data, asset information and external databases—including IBM X-Force Threat Intelligence—to identify vulnerabilities and assets most at risk.
- Coordinates with Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS) blocking and Virtual Patching capabilities to mitigate vulnerabilities for which no patch is currently available.
Integrates with IBM QRadar Security Intelligence Platform
- Avoids costs associated with procuring, maintaining and integrating numerous point products—uses existing IBM QRadar SIEM console, Event Processor and QFlow Collector appliances.
- Provides quick and easy installation—only a license key is needed.
- Uses existing IBM QRadar Security Intelligence Platform interface to help minimize training requirements and accelerate time-to-value.
- Supports vulnerability trend analysis and maintains daily, weekly and monthly views.
- Automates regulatory compliance with collection, correlation and reporting—and provides full audit trail for compliance reporting.
Performs intelligent, customizable scheduled and event-driven scanning
- Enables scans to be dynamically triggered and launched as the result of network behavior or programmed to run at regular intervals.
- Senses when new assets appear on the network and conducts an immediate scan to keep the asset database and network topology current.
- Performs discovery, non-authenticated, authenticated and Open Vulnerability Assessment Language (OVAL) scans.
- Augments the IBM Security QRadar SIEM common asset database with a full audit trail of vulnerability information from detection through remediation.
- Supports virtualized and cloud environments.
IBM Security QRadar Vulnerability Manager resources