What is IBM QRadar SIEM
IBM QRadar SIEM
IBM QRadar Security Information and Event Management (SIEM) is the core module of the QRadar Security Intelligence Platform. It provides accurate analytical data on security events in real time. The solution collects, processes and stores data from connected log sources, analyzes it, and generates offenses on the basis of correlation rules once a security threat is detected.
Below are the modules of QRadar:
IBM QRadar Risk Manager
IBM QRadar Risk Manager uses configurations of connected devices (firewalls, routers, switches, etc.) to identify security, policy, and compliance risks in your network. It helps security administrators to evaluate and prioritize network security risks.
IBM QRadar Vulnerability Manager
IBM QRadar Vulnerability Manager scans your network for vulnerabilities and also uses the data collected from other scanners (such as Nessus and Rapid7). Employing advanced analytics, the solution processes the vulnerability data to identify network security risks. In addition, IBM QRadar Vulnerability Manager stores the database of vulnerabilities, which can then be used in correlation rules and reports by IBM QRadar SIEM.
IBM QRadar Incident Forensics
Use IBM QRadar Incident Forensics to retrace the step-by-step actions of a potential attacker and conduct an in-depth forensics investigation of malicious security incidents within hours or even minutes.