QRadar Vulnerability Manager deployments
Locate and manage the vulnerabilities in your network by deploying IBM QRadar Vulnerability Manager. Enhance your network security by integrating add-on features such as HCL BigFix.
IBM QRadar Vulnerability Manager discovers vulnerabilities on your network devices, applications, and software adds context to the vulnerabilities, prioritizes asset risk in your network, and supports the remediation of discovered vulnerabilities.
You can integrate QRadar Risk Manager for added protection, which provides network topology, active attack paths and high-risk assets risk-score adjustment on assets based on policy compliance. QRadar Vulnerability Manager and QRadar Risk Manager are combined into one offering and both are enabled through a single base license.
Depending on the product that you install, and whether you upgrade IBM QRadar or install a new system, the Vulnerabilities tab might not be displayed. Access IBM QRadar Vulnerability Manager by using the Vulnerabilities tab. If you install IBM QRadar SIEM, the Vulnerabilities tab is enabled by default with a temporary license key. If you install QRadar Log Manager, the Vulnerabilities tab is not enabled. You can use the Try it Out option to try out QRadar Vulnerability Manager for 30 days. You can purchase the license for QRadar Vulnerability Manager separately and enable it by using a license key. For more information about upgrading, see the IBM QRadar Upgrade Guide.
QRadar Vulnerability Manager integrations
IBM QRadar Vulnerability Manager integrates with HCL BigFix to help you filter and prioritize the vulnerabilities that can be fixed. BigFix provides shared visibility and control between IT operations and security. BigFix applies Fixlets to high priority vulnerabilities that are identified and sent by QRadar Vulnerability Manager to BigFix. Fixlets are packages that you deploy to your assets or endpoints to remediate specific vulnerabilities.
Third-party scanners
QRadar Vulnerability Manager delivers an effective vulnerability management platform, regardless of the source of the scan data. QRadar Vulnerability Manager integrates seamlessly with third-party scanners such as Nessus, nCircle, and Rapid 7.
- Event driven and on-demand scanning
- Asset database and watchlist based scanning
- Scanning from existing QRadar appliances and managed hosts
- Detection of newly published vulnerabilities that are not present in any scan results
- Asset, vulnerability, and traffic-based vulnerability management
- Adjusted vulnerability scores and context aware risk scoring.