IBM Highlights Critical Security Vulnerabilities with New Tool

August 13, 2013 Alex Woodie

IBM last month announced QRadar Vulnerability Manager (QVM), a new tool designed to give time-crunched administrators a simple and easy way to identify the most dangerous security vulnerabilities that exist in their IT systems.

QVM is like a security triage system for overworked administrators. The software automatically collects data from multiple network, endpoint, database, and application scanners; correlates it with actual use information from the QRadar SIEM (security information and event management); identifies the vulnerabilities that pose the highest threat of actually being exploited; and presents all this information in an easy-to-read dashboard interface.

Speed is the big advantage of this approach, because identifying which vulnerabilities pose the greatest threat can be a difficult and time-consuming task. According to IBM’s X-Force security consulting and research arm, there are more than 70,000 vulnerabilities in existence today, with more than a dozen new ones discovered every day.

IBM says an organization may have tens of thousands of vulnerabilities hidden in its IT systems and networks. But not all vulnerabilities are equal. In fact, the same security vulnerability may pose a higher level of risk to one organization than it does to another.

“Security Intelligence is about putting all the available data into context, and making it useful for each client’s unique security needs,” said Brendan Hannigan, general manager of IBM’s Security Systems Division. “We have relentlessly expanded QRadar’s capabilities, and tight integration of vulnerability management is the next natural extension.”

QVM is fully integrated into the QRadar product family, which IBM obtained with its acquisition of Q1 Labs in 2011. IBM doesn’t say in its marketing materials whether QVM supports IBM i or not. But considering that Q1 Labs added support for IBM i in 2010, it’s likely that the connection is there.

Q1 Labs Adds IBM i, Social Media Monitoring to SIEM

                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot

Tags:

CYBER-ATTACKS ON THE RISE. PROTECT WITH THE TRIPLE PLAY.

COVID-19 has not only caused a global pandemic, but has sparked a “cyber pandemic” as well.

“Cybersecurity experts predict that in 2021, there will be a cyber-attack incident every 11 seconds. This is nearly twice what it was in 2019 (every 19 seconds), and four times the rate five years ago (every 40 seconds in 2016). It is expected that cybercrime will cost the global economy $6.1 trillion annually, making it the third-largest economy in the world, right behind those of the United States and China.”1

Protecting an organization’s data is not a single-faceted approach, and companies need to do everything they can to both proactively prevent an attempted attack and reactively respond to a successful attack.

UCG Technologies’ VAULT400 subscription defends IBM i and Intel systems against cyber-attacks through comprehensive protection with the Triple Play Protection – Cloud Backup, DRaaS, & Enterprise Cybersecurity Training.

Cyber-attacks become more sophisticated every day. The dramatic rise of the remote workforce has accelerated this trend as cyber criminals aggressively target company employees with online social engineering attacks. It is crucial that employees have proper training on what NOT to click on. Cyber threats and social engineering are constantly evolving and UCG’s Enterprise Cybersecurity Training (powered by KnowBe4) is designed to educate employees on the current cutting-edge cyber-attacks and how to reduce and eliminate them.

A company is only as strong as its weakest link and prevention is just part of the story. Organizations need to have a quick response and actionable plan to implement should their data become compromised. This is the role of cloud backup and disaster-recovery-as-a-service (DRaaS).

Data is a company’s most valuable asset. UCG’s VAULT400 Cloud Backup provides 256-bit encrypted backups to two (2) remote locations for safe retrieval should a cyber-attack occur. This is a necessary component of any protection strategy. Whether a single click on a malicious link brings down the Windows environment or an infected SQL server feeds the IBM i, once the data is compromised, there is no going back unless you have your data readily available.

Recovery is not a trivial task, especially when you factor in the time sensitive nature of restoring from an active attack. This leads to the third play of the Triple Play Protection – DRaaS. Companies have myriad concerns once an attack is realized and a managed service disaster recovery allows employees to keep focus on running the business in a crisis state.

The combination of training employees with secure backup and disaster recovery offers companies the best chance at avoiding financial disruption in an age of stronger, more frequent cyber-attacks.

Reach out to UCG Technologies to discuss your company’s security needs and develop a data protection plan that fits you best.

ucgtechnologies.com/triple-play

800.211.8798 | info@ucgtechnologies.com