IBM today announced vulnerability-management capabilities available with its security information and event management (SIEM) product, called QRadar, that will let security managers identify network assets and prioritize network vulnerabilities for remediation.
The QRadar Vulnerability Manager, which resides on top of the SIEM, can scan the corporate network and can also take in data from third-party scanners, including those from Qualys, Rapid7, Nessus, nCircle, McAfee, according to Kevin Skapinetz, program director of product strategy at IBM Security Solutions. “It provides actionable intelligence about vulnerabilities based on the context of assets,” he says.
A SIEM is used to centralize and correlate alerts from security equipment such as firewalls and intrusion-detection systems, as well as corporate computing assets such as servers.
QRadar Vulnerability manager "provides actionable intelligence about vulnerabilities."
— IBM's Kevin Skapinetz
[MORE SECURITY: Cisco-Sourcefire union raises many product overlap questions]
In addition to the QRadar Vulnerability Manager, which is licensed at a price that starts at $15,000, IBM also announced a new version of its IBM Security zSecure Suite that will work with the SIEM. IBM’s zSecure product is auditing and alerting software for IBM mainframe security, and the new version of it can share information with the QRadar SIEM to provide visibility of mainframe security events.
IBM also said its intrusion-prevention system, the IBM Security Network Protection XGS 5100, is integrated into the security platform for QRadar so that ongoing feeds can identify attacks via SSL.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org