Gartner Research

IBM Vulnerability Management Products

Published: 13 November 2007

ID: G00203377

Analyst(s): Eric Maiwald


IBM offers agentless vulnerability assessment with the Proventia product line and agent-based vulnerability assessment and remediation with the Tivoli product line. Management consoles between the product lines have not been integrated. Existing IBM customers on one product line will see only limited additional benefits by adding products from the other product line. In this Product Profile document, Senior Analyst Eric Maiwald examines the features and shortcomings of the IBM vulnerability management products.

Table Of Contents


  • History
  • Impact of ISS Acquisition
  • Editing, Viewing, and Creating Vulnerability Checks
  • Risk Calculations
  • Exception Handling
  • Workflow
  • Remediation
  • Standards Support
  • Proventia Integration
  • Bottom-Line Assessment

The Details

  • Asset Discovery
  • Vulnerability Identification
    • Proventia
    • Tivoli
  • Classification and Prioritization
  • Exception Handling
  • Workflow
    • Proventia
    • Tivoli
  • Remediation
  • Management Capabilities
    • Proventia
    • Tivoli

Standards Support

A Worked Example


Other Points of Integration



©2021 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client

Learn how to access this content as a Gartner client.