QRadar Vulnerability Manager

QVM Foundations - Part 1: Vulnerability Management in an Enterprise Environment V2

The Fictional Insurance Company is planning to deploy a centralized Security Intelligence solution that can tie in with many of their IT infrastructure components.

Here, they are investigating the topic of vulnerability management and learn about IBM QRadar Vulnerability Manager (QVM).

James, an IBM Security Intelligence Architect, meets with Kate, the CISO of The Insurance Company, to explain to her the fundamentals behind an enterprise vulnerability management program.

James explains that vulnerability management is part of a continuous enterprise IT security risk process. He focuses on vulnerabilities in an IT context and takes a close look at the security intelligence timeline. In the context of an overall IT Risk Management program he illustrates environmental influence factors. Finally, he demonstrates how vulnerabilities are ranked and filtered using IBM QRadar Vulnerability Manager.

QVM Foundations - Part 2: Understanding Vulnerability Damage Potential and Risk Scoring V2

The Fictional Insurance Company is planning to deploy a centralized Security Intelligence solution that can tie in with many of their IT infrastructure components.

Here, their Lead IT Security Architect is investigating the topic of vulnerability damage potential and risk scoring.

James, an IBM Security Intelligence Architect, meets with Paul, the Lead IT Security Architect of The Insurance Company, to investigate the metrics behind the Common Vulnerability Scoring System and to describe, how The Insurance Company can use QVM to rank vulnerabilities inside their organization, so that their security analysts can focus on the most important assets first. 

QVM Foundations - Part 3: Capabilities and Integration V2

The Fictional Insurance Company is planning to deploy a centralized Security Intelligence solution that can tie in with many of their IT infrastructure components.

James, an IBM Security Intelligence Architect, meets with Paul, the Lead IT Security Architect of the Insurance Company, and Julie, the SOC Lead Analyst, to illustrate the purpose and core capabilities of QRadar Vulnerability Manager, including scan and vulnerability management.

QVM Foundations - Part 4: Component Architecture and Deployment Models V2

The Fictional Insurance Company is planning to deploy a centralized Security intelligence solution that can tie in with many of their IT infrastructure components.


James, an IBM Security Intelligence Architect, meets with Paul, the Lead IT Security Architect of the Insurance Company, to investigate the component and deployment architecture of QRadar Vulnerability Manager. This information will help Paul to better plan the necessary distributed QVM deployment for his organization.

Virtual patching with QRadar Vulnerability Manager

QRadar Vulnerability Manager has a mapping between IPS signatures and vulnerabilities which protects or detects attacks from multiple major IPS vendors. Data is collected on a regular basis gets updated via the auto update process.

QRadar Vulnerability Manager in Action

In this video, Jose Bravo demonstrates how to use QRadar Vulnerability Manager to prioritize vulnerability remediation work in a typical enterprise.

Why QRadar Vulnerability Manager?

In this video, Jose Bravo explains why it makes sense to use QRadar Vulnerability Manager although many 3rd party vulnerability scanners are already available today. Unique integration and reporting capabilities make QVM an outstanding solution to prioritize remediation and catch important vulnerabilities that others cannot detect.

Using IBM QRadar Vulnerability Manager

To prevent security breaches, QRadar Vulnerability Manager helps your organization detect and evaluate vulnerabilities of your IT systems. In this lab, you learn how to scan for vulnerabilities and how to investigate detected vulnerabilities.

Click roadmap title to expand/collapse roadmap

QRadar Vulnerability Manager Analyst

Click roadmap title to expand/collapse roadmap

QRadar Vulnerability Manager Architect