Security intelligence and Sense Analytics for protecting assets and information from advanced threats
IBM QRadar SIEM consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It normalises and correlates raw data to identify security offences, and uses an advanced Sense Analytics engine to baseline normal behaviour, detect anomalies, uncover advanced threats, and remove false positives. As an option, this software incorporates IBM X-Force Threat Intelligence which supplies a list of potentially malicious IP addresses including malware hosts, spam sources and other threats. IBM QRadar SIEM can also correlate system vulnerabilities with event and network data, helping to prioritise security incidents.
Provides real-time visibility
Senses and detects inappropriate use of applications, insider fraud, and advanced low and slow threats that can be lost among millions of daily events.
Reduces and prioritises alerts
Performs immediate event normalisation and correlation for threat detection and compliance reporting.
Enables more effective threat management
Senses and tracks significant incidents and threats, providing links to all supporting data and context for easier investigation.
IBM QRadar Vulnerability Manager
Intelligent vulnerability scanning to reduce critical exposures and meet compliance
IBM QRadar Vulnerability Manager proactively senses and discovers network device and application security vulnerabilities, adds context and supports the prioritisation of remediation and mitigation activities. It is fully integrated with the IBM QRadar Security Intelligence Platform, and uses advanced analytics to enrich the results of both scheduled and dynamic vulnerability scans with network asset information, security configurations, flow data, logs and threat intelligence to manage vulnerabilities and achieve compliance.
Provides a consolidated vulnerability view across major vulnerability products and technologies
Integrates with IBM QRadar Security Intelligence Platform for easy installation, faster time to value and reduced deployment cost
Performs intelligent, customisable scheduled and event –driven scanning, asset discovery and asset profiling for 360-degree, enterprise-wide visibility to your network
IBM QRadar Risk Manager
Automated risk management for monitoring network device configurations and compliance
IBM QRadar Risk Manager monitors network topology, switch, router, firewall and Intrusion Prevention System (IPS) configurations and senses conditions that create security risks. It also simulates network attacks and models configuration changes to assess their security impact.
Provides network topology and connection visualisation tools to view current and potential network traffic patterns
Correlates asset vulnerabilities with network configuration and traffic data to identify active attack paths and high-risk assets
Simulates network threats, including the potential spread of an attack across the network