IBM Security QRadar Risk Manager

Monitor vulnerabilities and firewall configurations to reduce risk, improve compliance

IBM® Security QRadar® Risk Manager helps automate security risk management functions in mission-critical areas, strengthening defenses against attacks while improving compliance. IBM Security QRadar Risk Manager works with IBM Security QRadar SIEM to identify and prioritize vulnerabilities and faulty firewall configurations, based on contextual knowledge of events and network flow data. When combined, these two products help improve operational efficiencies, reduce risk and simplify compliance activities.

IBM Security QRadar Risk Manager:

Analyzes firewall configurations to help identify errors and remove ineffective rules.
Provides network topology and connection visualization tools to view current and potential network traffic patterns.
Identifies active attack paths and high-risk assets to help reduce risk and prioritize remediation activities.
Supports policy compliance monitoring of network traffic, topology and vulnerability exposures.

Analyzes firewall configurations

Conducts detailed configuration audits to help improve consistency of firewall rules including detection of shadowed rules and other configuration errors.
Performs audits and alerts users to risky or out-of-compliance configurations by comparing changes over time.
Improves overall firewall performance by identifying unused or ineffective rules.

Provides network topology and connection visualization tools

The Topology Viewer enables you to see network devices and relationships including subnets and links.
The Connection Monitor provides detailed views into the network configuration based on the routing and firewall configurations.

Identifies active attack paths and high-risk assets

Adds network context to asset and vulnerability data, enabling you to prioritize remediation activities.
Simulates network attacks including the potential spread of an attack across the network.

Supports policy compliance monitoring

Allows active evaluation of multiple security policies using the automated policy monitor.
Correlates asset configuration and vulnerability data with log, event and network flow data to monitor network assets and devices.
Supports audit requirements and policy compliance reporting, with exceptions triggering security incidents, log events and email notifications.

IBM Security QRadar Risk Manager resources

Data sheet: IBM Security QRadar Risk Manager (660KB)
Read more about proactively managing vulnerabilities and network device configuration to reduce risk and improve compliance.

Data sheet: IBM QRadar Security Intelligence Platform (789KB)
Learn more about how IBM QRadar Security Intelligence products can help integrate Security Information and Event Management (SIEM), log management, anomaly detection, and configuration and vulnerability management to deliver improved threat detection.

White paper: IT Executive Guide to Security Intelligence - Transitioning from SIEM to Total Security Intelligence

Gartner Paper: Effective Security Monitoring Requires Context
Read how IBM QRadar solutions can collect, correlate and monitor even the highest data volumes and support the rich customization that large organizations require.

IBM Software

See what smarter software can do for you