In this demonstration video, Jose Bravo uses a real-world example installation of QRadar® Vulnerability Manager (QVM) and shows how IT Security Operations can use is to prioritize their work day. Jose shows how QVM can organize both the types and specific instances of vulnerabilities on one screen. Because there can be tens of thousands, or even hundreds of thousands of instances of vulnerabilities in an IT environment, QVM must help the IT security staff prioritize their work.
Bravo shows how QVM can be used to filter out vulnerabilities that have not experienced traffic recently and how to filter out vulnerabilities based on whether there are virtual patch rules in place on the IPS systems to block exploitation of the vulnerability. He shows how QVM can read Security Information and Event Management (SIEM) data to prioritize the vulnerability instances that have actually experienced exploit traffic. He also demonstrates how QRadar Risk Manager (QRM) can be used to generate policy-based risk assessments on the infrastructure and use those assessments to further prioritize the security team's work. Finally, he demonstrates QVM's ability to assign vulnerability management to members of the IT security team and track remediation activities. \
You might also be interested in.....
Use IBM security intelligence and big data solutions to uncover actionable insights into modern,advanced data threats. Read the white paper and learn about understanding and identifying advanced threats, expanding visibility with QRadar Security Intelligence, and security Intelligence with InfoSphere® BigInsights™.