Security breach prevention
By sensing over 70,000 known dangerous default settings, misconfigurations and software flaws, IBM® QRadar® Vulnerability Manager helps you take corrective action before an attack occurs. Using a Payment Card Industry (PCI) certified scanner to detect vulnerabilities, it accepts input from third-party scanners, risk management products and external databases, including IBM X-Force® Threat Intelligence and the National Vulnerabilities Database, to provide a combined view of vulnerabilities.
Single, consolidated view of vulnerabilities
An intuitive user interface provides complete visibility across dynamic, multi-layered networks. You can easily select a dashboard view and click through related tabs to review security offenses, log events, network flows, asset status, configurations, reports, risks and vulnerabilities. With QRadar Vulnerability Manager, you can make faster, more informed decisions with a single, consolidated view of scan results.
Remediation and mitigation activity prioritization
QRadar Vulnerability Manager uses security intelligence to filter vulnerabilities so you can understand how to prioritize remediation and mitigation activities. By maintaining a current network view of all discovered vulnerabilities, including details such as when the vulnerabilities were found, what scan jobs reported them and to whom the vulnerability is assigned for remediation or mitigation, it helps your security teams prioritize tasks for remediation.
Regulatory compliance automation
QRadar Vulnerability Manager helps ensure compliance by conducting regular network scans and maintaining detailed audit trails. It categorizes each vulnerability with a severity rating and an exposure score. In addition to scanning assets both internally and externally, QRadar Vulnerability Manager enables security teams to create tickets to manage remediation activities and specify exceptions with a full audit trail.
How customers use it
Centralized insights into vulnerabilities
Having a single, consolidated view of scan results to make faster, more informed decisions.
Gain a unified view of all vulnerabilities, enhanced with context from your security analytics platform.
Vendor agnostic vulnerability management
Building a vulnerability management practice that is vendor agnostic.
Manage vulnerability data from multiple third-party sources without disruption if you choose to replace scanning tools.
Closed loop patch management integration
Prioritizing remediation and mitigation activities.
Leverage validated integrations to fully automate a closed loop vulnerability assessment, prioritization, and endpoint patch management process.
Real-time risk analysis and on-demand scanning
The ability to apply real-time correlation to vulnerability data.
QRadar Vulnerability Manager lets you assess your risk posture through attack path simulation and policy monitoring, plus trigger targeted scans on-demand to validate potential threats.