QRadar Vulnerability Manager
Getting Started with QRadar Vulnerability Manager
This roadmap outlines fundamental courses intended for someone who works with IBM QRadar Vulnerability Manager (QVM). These courses describe the business case, architecture, and deployment models, and help you to integrate QVM into your QRadar environment.
Review the following courses to learn about QVM concepts and architecture and how to remediate vulnerabilities in your organization’s IT environment.
Study the following courses to become familiar with QVM risk scoring and damage potential, the component and deployment architecture, and the main product features.
In the following courses you learn about various use cases nd how a Security Analyst can use QVM for vulnerability management and mitigation.
In this video, Jose Bravo demonstrates how to use QRadar Vulnerability Manager to prioritize vulnerability remediation work in a typical enterprise.
Here, they are investigating the topic of vulnerability management and learn about IBM QRadar Vulnerability Manager (QVM).
James, an IBM Security Intelligence Architect, meets with Kate, the CISO of The Insurance Company, to explain to her the fundamentals behind an enterprise vulnerability management program.
James explains that vulnerability management is part of a continuous enterprise IT security risk process. He focuses on vulnerabilities in an IT context and takes a close look at the security intelligence timeline. In the context of an overall IT Risk Management program he illustrates environmental influence factors. Finally, he demonstrates how vulnerabilities are ranked and filtered using IBM QRadar Vulnerability Manager.
Here, their Lead IT Security Architect is investigating the topic of vulnerability damage potential and risk scoring.
James, an IBM Security Intelligence Architect, meets with Paul, the Lead IT Security Architect of The Insurance Company, to investigate the metrics behind the Common Vulnerability Scoring System and to describe, how The Insurance Company can use QVM to rank vulnerabilities inside their organization, so that their security analysts can focus on the most important assets first.
James, an IBM Security Intelligence Architect, meets with Paul, the Lead IT Security Architect of the Insurance Company, and Julie, the SOC Lead Analyst, to illustrate the purpose and core capabilities of QRadar Vulnerability Manager, including scan and
The Fictional Insurance Company is planning to deploy a centralized Security intelligence solution that can tie in with many of their IT infrastructure components.
James, an IBM Security Intelligence Architect, meets with Paul, the Lead IT Security Architect of the Insurance Company, to investigate the component and deployment architecture of QRadar Vulnerability Manager. This information will help Paul to better plan the necessary distributed QVM deployment for his organization.
To prevent security breaches, QRadar Vulnerability Manager helps your organization to detect and evaluate vulnerabilities of your IT systems. In this lab, you learn how to scan for vulnerabilities and how to investigate detected vulnerabilities.
The exercises in this lab provide a broad introduction into the features of QRadar Vulnerability Manager. The exercises cover the following topics:
- Running a Patch Scan
- Exploring centralized credentials
- Adjusting environmental metrics for high-value IT systems
- Focusing on risky vulnerability instances
- Investigating the Heartbleed vulnerability
- Creating a Scan Policy with active tests
- Running a custom scan with active tests
- Creating an exception
QRadar Vulnerability Manager has a mapping between IPS signatures and vulnerabilities which protects or detects attacks from multiple major IPS vendors. Data is collected on a regular basis gets updated via the auto update process.
In this video, Jose Bravo explains why it makes sense to use QRadar Vulnerability Manager although many 3rd party vulnerability scanners are already available today. Unique integration and reporting capabilities make QVM an outstanding solution to prioritize remediation and catch important vulnerabilities that others cannot detect.