QRadar Vulnerability Manager

QVM Foundations - Part 1: Vulnerability Management in an Enterprise Environment V2

The Fictional Insurance Company is planning to deploy a centralized Security Intelligence solution that can tie in with many of their IT infrastructure components.

Here, they are investigating the topic of vulnerability management and learn about IBM QRadar Vulnerability Manager (QVM).

James, an IBM Security Intelligence Architect, meets with Kate, the CISO of The Insurance Company, to explain to her the fundamentals behind an enterprise vulnerability management program.

James explains that vulnerability management is part of a continuous enterprise IT security risk process. He focuses on vulnerabilities in an IT context and takes a close look at the security intelligence timeline. In the context of an overall IT Risk Management program he illustrates environmental influence factors. Finally, he demonstrates how vulnerabilities are ranked and filtered using IBM QRadar Vulnerability Manager.

QVM Foundations - Part 2: Understanding Vulnerability Damage Potential and Risk Scoring V2

The Fictional Insurance Company is planning to deploy a centralized Security Intelligence solution that can tie in with many of their IT infrastructure components.

Here, their Lead IT Security Architect is investigating the topic of vulnerability damage potential and risk scoring.

James, an IBM Security Intelligence Architect, meets with Paul, the Lead IT Security Architect of The Insurance Company, to investigate the metrics behind the Common Vulnerability Scoring System and to describe, how The Insurance Company can use QVM to rank vulnerabilities inside their organization, so that their security analysts can focus on the most important assets first. 

QVM Foundations - Part 3: Capabilities and Integration V2

The Fictional Insurance Company is planning to deploy a centralized Security Intelligence solution that can tie in with many of their IT infrastructure components.

James, an IBM Security Intelligence Architect, meets with Paul, the Lead IT Security Architect of the Insurance Company, and Julie, the SOC Lead Analyst, to illustrate the purpose and core capabilities of QRadar Vulnerability Manager, including scan and vulnerability management.

QVM Foundations - Part 4: Component Architecture and Deployment Models V2

The Fictional Insurance Company is planning to deploy a centralized Security intelligence solution that can tie in with many of their IT infrastructure components.


James, an IBM Security Intelligence Architect, meets with Paul, the Lead IT Security Architect of the Insurance Company, to investigate the component and deployment architecture of QRadar Vulnerability Manager. This information will help Paul to better plan the necessary distributed QVM deployment for his organization.

Virtual patching with QRadar Vulnerability Manager

QRadar Vulnerability Manager has a mapping between IPS signatures and vulnerabilities which protects or detects attacks from multiple major IPS vendors. Data is collected on a regular basis gets updated via the auto update process.

QRadar Vulnerability Manager in Action

In this video, Jose Bravo demonstrates how to use QRadar Vulnerability Manager to prioritize vulnerability remediation work in a typical enterprise.

Why QRadar Vulnerability Manager?

In this video, Jose Bravo explains why it makes sense to use QRadar Vulnerability Manager although many 3rd party vulnerability scanners are already available today. Unique integration and reporting capabilities make QVM an outstanding solution to prioritize remediation and catch important vulnerabilities that others cannot detect.

Click roadmap title to expand/collapse roadmap

Getting Started with QRadar Vulnerability Manager

This roadmap outlines fundamental courses intended for someone who works with IBM QRadar Vulnerability Manager (QVM). These courses describe the business case, architecture, and deployment models, and help you to integrate QVM into your QRadar environment.


Overview

Review the following courses to learn about QVM concepts and architecture and how to remediate vulnerabilities in your organization’s IT environment.

Concepts

Study the following courses to become familiar with QVM risk scoring and damage potential, the component and deployment architecture, and the main product features.

Investigation

In the following courses you learn about various use cases nd how a Security Analyst can use QVM for vulnerability management and mitigation.