IBM has announced vulnerability-management capabilities for its security information and event management (SIEM) product, called QRadar, that will let security managers identify network assets and prioritise network vulnerabilities for remediation.
The QRadar Vulnerability Manager, which resides on top of the SIEM, can scan the corporate network and can also take in data from third-party scanners, including those from Qualys, Rapid7, Nessus, nCircle, McAfee, according to Kevin Skapinetz, program director of product strategy at IBM Security Solutions. "It provides actionable intelligence about vulnerabilities based on the context of assets," he says.
A SIEM is used to centralise and correlate alerts from security equipment such as firewalls and intrusion-detection systems, as well as corporate computing assets such as servers.
In addition to the QRadar Vulnerability Manager, which is licensed at a price that starts at $15,000, IBM also announced a new version of its IBM Security zSecure Suite that will work with the SIEM. IBM's zSecure product is auditing and alerting software for IBM mainframe security, and the new version of it can share information with the QRadar SIEM to provide visibility of mainframe security events.
IBM also said its intrusion-prevention system, the IBM Security Network Protection XGS 5100, is integrated into the security platform for QRadar so that ongoing feeds can identify attacks via SSL.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: [email protected]