IBM Highlights Critical Security Vulnerabilities with New Tool

August 13, 2013 Alex Woodie

IBM last month announced QRadar Vulnerability Manager (QVM), a new tool designed to give time-crunched administrators a simple and easy way to identify the most dangerous security vulnerabilities that exist in their IT systems.

QVM is like a security triage system for overworked administrators. The software automatically collects data from multiple network, endpoint, database, and application scanners; correlates it with actual use information from the QRadar SIEM (security information and event management); identifies the vulnerabilities that pose the highest threat of actually being exploited; and presents all this information in an easy-to-read dashboard interface.

Speed is the big advantage of this approach, because identifying which vulnerabilities pose the greatest threat can be a difficult and time-consuming task. According to IBM’s X-Force security consulting and research arm, there are more than 70,000 vulnerabilities in existence today, with more than a dozen new ones discovered every day.

IBM says an organization may have tens of thousands of vulnerabilities hidden in its IT systems and networks. But not all vulnerabilities are equal. In fact, the same security vulnerability may pose a higher level of risk to one organization than it does to another.

“Security Intelligence is about putting all the available data into context, and making it useful for each client’s unique security needs,” said Brendan Hannigan, general manager of IBM’s Security Systems Division. “We have relentlessly expanded QRadar’s capabilities, and tight integration of vulnerability management is the next natural extension.”

QVM is fully integrated into the QRadar product family, which IBM obtained with its acquisition of Q1 Labs in 2011. IBM doesn’t say in its marketing materials whether QVM supports IBM i or not. But considering that Q1 Labs added support for IBM i in 2010, it’s likely that the connection is there.

Sponsored By
LINOMA SOFTWARE

You can win the battle to meet data security compliance requirements!

When it comes to your current FTP processes:

        • Have you wondered if there's a more automated, cost-effective way to exchange
           data that keeps HIPAA, PCI DSS, GLBA and SOX compliance auditors happy?
        • Are you looking for a better way to protect sensitive files from a data breach?
        • Would you like to streamline your processes, and thus give your programmers
           more time for other projects?

GoAnywhere, Linoma Software's managed file transfer software suite, solves all of these challenges and more. With GoAnywhere, your organization can secure, automate, and encrypt the data transfers with your trading partners, customers, vendors, employees and internal systems. It supports multiple platforms and all popular protocols, including FTP/S, SFTP, HTTP/S, AS2, SCP, and more.

The GoAnywhere managed file transfer suite, with an optional NIST-certified FIPS 140-2 encryption module, is comprised of three products: GoAnywhere Director, GoAnywhere Services and GoAnywhere Gateway.

GoAnywhere Director automates and secures file transfers using a centralized approach with a single point of control. It can connect to almost any system (internal or external) using standard protocols. GoAnywhere Director can also encrypt and compress files using popular Open PGP encryption, GPG, ZIP, GZIP and TAR standards.

GoAnywhere Services is a secure FTP server (and optional web server) that allows trading partners and employees to connect to your system and exchange files in a secure environment. As an on-premise solution, it includes SFTP, FTPS, and FTP servers with extensive management controls and audit log reporting. A secure HTTPS server can also be enabled for performing ad-hoc file transfers through an intuitive browser-based interface or through its Secure Mail module that includes a plugin for Outlook 2010.

GoAnywhere Gateway is both a reverse proxy and forward proxy, providing an additional layer of network security when exchanging data with your trading partners. By placing GoAnywhere Gateway in your DMZ (public network segment), your sensitive data and servers will remain safely protected in your private network. Its enhanced reverse proxy service does not require inbound ports to be opened into your private network which is essential for compliance with PCI DSS and strict security policies. In addition, it can work with GoAnywhere Services for load balancing to help provide increased capacity by sharing the workload among servers.

GoAnywhere can be installed onto IBM System i, IBM System p (AIX), IBM System (Mainframe), Windows, Linux, UNIX, HP-UX, Mac OS and Solaris platforms.

Take a brief video tour of Linoma Software's GoAnywhere MFT solution,
watch our customer success stories,
or visit our website at www.GoAnywhere.com

Flex Systems Get New 10GE And 40GE Switches, Too Krengel Adopts Tokens in Credit Card Transaction Software

Table of Contents

Recent Posts

Subscribe

Pages

Search