Risk priority by vulnerability

Vulnerabilities that are detected on your assets can be prioritized by their network location or a connection to another device that is vulnerable.

IBM QRadar Risk Manager uses asset information and vulnerability information in policy monitor. This information is used to determine whether your assets are susceptible to input type attacks, such as; SQL injection, hidden fields, and clickjacking.

Vulnerability asset questions can include the following criteria:
  • Assets with new vulnerabilities reported after a specific date.
  • Assets with specific vulnerabilities or CVSS score.
  • Assets with a specific classification of vulnerability, such as input manipulation or denial of service.