Feature spotlights

Security breach prevention

By sensing over 70,000 known dangerous default settings, misconfigurations and software flaws, IBM® QRadar® Vulnerability Manager helps you take corrective action before an attack occurs. Using a Payment Card Industry (PCI) certified scanner to detect vulnerabilities, it accepts input from third-party scanners, risk management products and external databases, including IBM X-Force® Threat Intelligence and the National Vulnerabilities Database, to provide a combined view of vulnerabilities.

Single, consolidated view of vulnerabilities

An intuitive user interface provides complete visibility across dynamic, multi-layered networks. You can easily select a dashboard view and click through related tabs to review security offenses, log events, network flows, asset status, configurations, reports, risks and vulnerabilities. With QRadar Vulnerability Manager, you can make faster, more informed decisions with a single, consolidated view of scan results.

Remediation and mitigation activity prioritization

QRadar Vulnerability Manager uses security intelligence to filter vulnerabilities so you can understand how to prioritize remediation and mitigation activities. By maintaining a current network view of all discovered vulnerabilities, including details such as when the vulnerabilities were found, what scan jobs reported them and to whom the vulnerability is assigned for remediation or mitigation, it helps your security teams prioritize tasks for remediation.

Regulatory compliance automation

QRadar Vulnerability Manager helps ensure compliance by conducting regular network scans and maintaining detailed audit trails. It categorizes each vulnerability with a severity rating and an exposure score. In addition to scanning assets both internally and externally, QRadar Vulnerability Manager enables security teams to create tickets to manage remediation activities and specify exceptions with a full audit trail.

How customers use it

  • Screen shot of enhanced, unified view of vulnerabilities

    Centralized insights into vulnerabilities


    Having a single, consolidated view of scan results to make faster, more informed decisions.


    Gain a unified view of all vulnerabilities, enhanced with context from your security analytics platform.

  • Screen cap of activity report in IBM QRadar

    Vendor agnostic vulnerability management


    Building a vulnerability management practice that is vendor agnostic.


    Manage vulnerability data from multiple third-party sources without disruption if you choose to replace scanning tools.

  • Screen shot of rule wizard

    Closed loop patch management integration


    Prioritizing remediation and mitigation activities.


    Leverage validated integrations to fully automate a closed loop vulnerability assessment, prioritization, and endpoint patch management process.

  • Screen cap of risk analysis dashboard in IBM QRadar

    Real-time risk analysis and on-demand scanning


    The ability to apply real-time correlation to vulnerability data.


    QRadar Vulnerability Manager lets you assess your risk posture through attack path simulation and policy monitoring, plus trigger targeted scans on-demand to validate potential threats.

Technical details