IBM Security QRadar

Expand all | Collapse all

QVM

  • 1.  QVM

    Posted Mon August 17, 2020 04:32 AM
    Edited by Bruno Oliveira Mon August 17, 2020 04:33 AM
    Hi Community,

    What happened to QVM?
    I just saw this:

    https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=649/ENUSA20-0462&appname=USN


    Software withdrawal and support discontinuance: IBM Security QRadar Vulnerability Manager



    and

    Replacement informationTop rule

    None


    Does it mean that we only have QVM as addon?

    Regards,
    Bruno

    ------------------------------
    Bruno Oliveira
    ------------------------------


  • 2.  RE: QVM

    Posted Tue August 18, 2020 06:35 AM
    I think this answers it
    https://www.ibm.com/security/security-intelligence/qradar/vulnerability-assessment

    ------------------------------
    Dusan VIDOVIC
    ------------------------------



  • 3.  RE: QVM

    Posted Wed August 19, 2020 09:03 AM
    It means IBM will eventually not sell QVM as add-on or stand alone solution past EOS date.

    ------------------------------
    Richard Gingras
    QRadar SME
    IBM Security
    Cambridge MA
    ------------------------------



  • 4.  RE: QVM

    Posted Wed August 19, 2020 09:45 AM
    Hi - What does this mean for the QVI app? Will it work with vuln data derived from a third party scanner like Tenable?





  • 5.  RE: QVM

    Posted Wed August 19, 2020 09:57 AM
    My understanding is Tenable/Nessus has an app for QRadar and so does Qualys we should reference them because of the apps but we can ingest any scanner into QRadar.

    ------------------------------
    Richard Gingras
    QRadar SME
    IBM Security
    Cambridge MA
    ------------------------------



  • 6.  RE: QVM

    Posted Wed August 19, 2020 10:12 AM
    Yes we are planning on implementing both the tenable app and the scanner information, but wasn't thinking of using the QVI app as it specifically mentions the use of QVM data. So it sounds like we could use QVI with non QVM scanners?





  • 7.  RE: QVM

    Posted Wed August 19, 2020 10:24 AM
    I suggest you read description of any app before deploying it.

    ------------------------------
    Richard Gingras
    QRadar SME
    IBM Security
    Cambridge MA
    ------------------------------



  • 8.  RE: QVM

    Posted Wed August 19, 2020 10:27 AM
    As I am aware the QUALYS app provides nice  visualization but does not update the assets records in QRadar, but any ext. scanner setup that is supported should do (QUALYS and TENABLE NESSUS SC included).

    ------------------------------
    Dusan VIDOVIC
    ------------------------------



  • 9.  RE: QVM

    Posted Wed August 19, 2020 10:31 AM
    Ingestion of any scanner should populate asset tables.

    ------------------------------
    Richard Gingras
    QRadar SME
    IBM Security
    Cambridge MA
    ------------------------------



  • 10.  RE: QVM

    Posted Mon September 21, 2020 02:42 PM
    Hi. Can someone share the link and procedure to download QVM vulnerabilty database updates and how to install in offline mode.

    Thanks.

    ------------------------------
    Shahzad Ahmed
    ------------------------------



  • 11.  RE: QVM

    Posted Mon September 21, 2020 04:17 PM
    AFAIK updates that QRadar downloads automatically should contain vulnerability signatures as well.  If your QRadar instance does not have Internet access, than this article probably covers what you were looking for.

    ------------------------------
    Dusan VIDOVIC
    ------------------------------