Overview
The IBM BigFix and QRadar teams are pleased to announce the release of another phase of integration between BigFix and QRadar. Currently, customers can:
- Incorporate BigFix managed endpoint intelligence data to QRadar for more enhanced security analytics and
- Remediate the vulnerabilities identified and prioritized by QRadar Vulnerability Manager (QVM) and QRadar Risk Manager (QRM) using BigFix.
Based on the existing BigFix and QRadar integrations, this further phase of integration delivers dashboard usability enhancements, additional platform support, documentation improvement, and support for third party vulnerability scanners.
Feature highlights
Specifically, the new integration phase provides the following features:
Dashboard usability enhancements: On the ‘Manage Vulnerable Computers’ dashboard, additional filtering
mechanisms are provided to make vulnerability remediation more efficient. In the CVEs view, you can use a filter to show only the CVEs for which BigFix has remediation content and how many computers can be remediated for each CVE. In the Computers view, you can use a filter to show only the computers for which BigFix has remediation contents and how many CVEs can be remediated for each computer. In addition, BigFix Baseline and custom content are also supported on the dashboard, so bulk remediation to fix multiple vulnerabilities is possible.
Additional platform support: The vulnerability remediation function is extended from to Mac OS X
platforms, so BigFix now can provide relevant patches to fix vulnerabilities discovered on Windows and Mac devices.
Documentation improvement: All the documentation that describes various BigFix and QRadar
integration use cases are re-organized and consolidated into one single location.
Support for third party vulnerability scanners: QVM can collect and consolidate vulnerabilities discovered by a number of third party vulnerability scanners. These vulnerabilities can then be prioritized by QVM/QRM and sent to BigFix for remediation. This feature extends the great BigFix/QRadar vulnerability remediation integration values to many environments where a third party scanner is already used for vulnerability discovery.
More information
New BigFix and QRadar integration page on IBM developerWorks (one stop-shop for deployment of each integration use case)
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/BigFix%20and%20QRadar%20Integration
QVM third party scanner support information:
http://www.ibm.com/support/knowledgecenter/en/SS42VS_7.2.8/com.ibm.dsm.doc/r_vuln_supportedVAlist.html