IBM QRadar

Hello,

We patched our deployment for the CVE-2020-4888 Vulnerability, now, we are running some labs with QRadar CE where we test before going operational, I've looked around but I can't find no specs about this: does the CVE-2020-4888 impact Qradar CE 7.3.3 aswell? How should we behave about it?

#QRadar
#Support
#SupportMigration

Hello Alessandro,

i assume you're aware about this documentation:

https://www.ibm.com/community/qradar/ce/

The purpose of qradar ce is well documented.

To test operational functions you should consider to install an extra testsystem for example based on an All-in-One Appliance on VM with the requested requirements and QRadar Release you want to compare.

Hope this info is helpful for you.

Regards,

Ralph

#QRadar
#Support
#SupportMigration

Hello,

Thank you for your answer, that's not really helpful on my case.

We just use it to test some custom actions, rules and funcionalities before going operational but that's not the point, the question is:

If I have a Qradar CE Live, does the CVE impacts my deployment?

#QRadar
#Support
#SupportMigration

Hello Alessandro,

i think, i've understood your question very well. As i understand the purpose of qradar ce, it is not intended to use as "Live" deployment. The frame conditions of CE are mentioned in the associated documention. And as you mentioned, to test some custom actions, rules and functionalities it's the same way we uses QRadar CE 7.3.3 as well, but in an "offline" version of vmware workstation.

Regards,

Ralph

#QRadar
#Support
#SupportMigration