IBM unveils software to identify and predict security risk
IBM announced an integrated security intelligence solution that helps organizations identify key vulnerabilities in real-time.
QRadar Vulnerability Manager gives security officers a prioritized view across their network, allowing them to fortify their defenses. By aggregating vulnerability information into a single view, security teams can see the results from multiple network, endpoint, database or application scanners where it can be reviewed and managed.
More than 70,000 security vulnerabilities exist today, with more than a dozen more being reported every day. The rapid expansion of social, mobile and cloud computing can further increase the threat landscape as each new device attached to a network further expands potential vulnerabilities.
Part of the IBM Security Intelligence Platform, QRadar Vulnerability Manager (QVM) is a software module that combs through security holes to help close them to potential exploits, excluding those hidden behind firewalls, associated with inactive applications or otherwise unreachable from external attacks.
By activating a license key, this new software can automatically scan the network and perform the analysis helping security teams direct their staff resources.
“Traditional vulnerability management solutions are fundamentally broken,” said Brendan Hannigan, General Manager, IBM Security Systems. “Vulnerability scanning today lacks network-wide visibility, contextual awareness and real-time scanning. These gaps mean even well-known and preventable vulnerabilities can be lost in an overload of data, leaving organizations exposed to high risks.”
QRadar Vulnerability Manager helps clients reduce the remediation and mitigation burden by aggregating vulnerability information into a single risk-based view where it can be quickly prioritized. Security teams can see the results from multiple network, endpoint, database or application scanners alongside the latest X-Force Threat Intelligence alerts and incident reports from the National Vulnerability Database. QRadar Vulnerability Manager also includes its own embedded, PCI-certified scanner which can be scheduled to run periodically or triggered based on network events.
“QRadar Vulnerability Manager is a breakthrough for the IT security industry,” said Murray Benadie Managing Director, Zenith Systems, an IBM Business Partner. “It can cut a huge list of vulnerabilities in half, if not more. Users will quickly see vulnerabilities on their networks, without trying to mash products together- that is how information falls through the cracks. This is a true game changer.”
IBM is enhancing its intrusion prevention platform with the introduction of the IBM Security Network Protection XGS 5100. Fully integrated with IBM Security QRadar, the platform now provides ongoing network data feeds to help identify stealthy Secure Socket Layer attacks (SSL–a security protocol to enable Web sites to pass sensitive information securely in an encrypted format), in addition to providing real-time protection from advanced threats and heightened levels of network visibility and control. This enhanced intrusion prevention platform also includes IBM’s unique virtual patch technology to provide vulnerability protection when a software patch is not yet available.