IBM Security Product Set

Full Product Name

Category

October 2015

Short name/abbreviation Description in roughly 10 words or less

IBM Cloud Security Enforcer

Cloud

CSE

Expands secure cloud app adoption, addressing shadow IT. Delivers SSO/policy enforcement.

IBM Security QRadar Incident Forensics (SW, HW, VA)

IBM Security QRadar Log Manager (SW, HW, VA,
)
IBM Security QRadar QFlow Collector (SW, HW, VA)
IBM Security QRadar Risk Manager (SW, HW, VA)
IBM Security QRadar SIEM (SW, HW, VA,
)

QRIF
QRadar LM, Log Manager
QFlow
Security
Intelligence QRM, Risk Manager
QRadar SIEM, SIEM
QVM

Reduce time to investigate incidents, and remediate more thoroughly

Turn-key log management, SMB to enterprise (upgradeable to SIEM)
Layer 7 application monitoring of physical network traffic (includes VFlow)
Predictive threat modeling and simulation
Integrated log, threat, risk and compliance management
Intelligent scanning - identifies and prioritizes vulnerabilities integrates for prioritization insights

IBM Security QRadar Vulnerability Manager (SW, HW, VA)

IBM Security Trusteer Rapport (SW,
)
IBM Security Trusteer Pinpoint Malware Detection Advanced Edition
IBM Security Trusteer Pinpoint Criminal Detection
IBM Security Trusteer Mobile Risk Engine
IBM Security Trusteer Mobile SDK (SW,
)
IBM Security Trusteer Mobile Browser (SW,
)
IBM Security Access Manager for ESSO (SW, VA,
,
IBM Security Access Manager (HW, VA)
IBM Security Access Manager for Web (SW, HW, VA,
IBM Security Access Manager for DataPower (SW)
IBM Security Access Manager for Mobile (HW, VA,
IBM Tivoli Federated Identity Manager (SW,
,

)
,
,

)
)

IBM Tivoli Federated Identity Manager Business Gateway (SW)

IBM Security Identity and Access Assurance (SW, VA ESSO)
IBM Security Identity and Access Manager (SW)
IBM Security Identity Governance1 (SW, VA)
IBM Security Identity Governance and Administration (SW, VA)
IBM Security Identity Manager (VA2,
)
IBM Security Privileged Identity Manager (VA2,
,
)
IBM Security Directory Integrator (SW)
IBM Security Directory Server (SW)
IBM Tivoli Security Policy Manager (SW)

Advanced
Fraud
Protection

Identity
and Access
Management
(People)

Rapport
Pinpoint Malware Detection
Pinpoint Criminal Detection
Mobile Risk Engine
Mobile SDK
Mobile App

Client-based endpoint detection, mitigation/remediation against financial malware/ phishing attacks

Real-time detection of Man-in-the-Browser malware infected devices
Provides conclusive detection of criminals and account takeover attempts
Detects mobile and high risk mobile devices
Android/iOS library for native mobile apps detect compromised/vulnerable devices
Secure mobile browser for safe web access

SAM ESSO
SAM
Access Manager, SAM for Web
SAM for DataPower
SAM for Mobile
FIM
FIM BG
IAA or SIAA
SIAM
SIG
SIGA
Identity Manager or SIM
PIM
SDI
SDS
TSPM

SSO, password management, session management, compliance and user productivity gains
All-in-one access appliance for web, mobile and cloud
Web SSO, authentication, authorization and web application firewall
Web access management software module for IBM DataPower Gateways
Next generation mobile access management
Web and Federated SSO, authentication and authorization with risk-based access
Federated SSO, risk-based access and built-in one-time password
Bundled offering of FIM, ISAM ESSO, ISIM, QRadar Log Manager
PID for the packaging of ISAM for Web and ISIM
Govern access and evaluation regulatory compliance bring IT and LoBs together
SIG and SIM packaged together, for complete identity governance/management
Creates, modifies and terminates user privileges throughout user s lifecycles.
Keeps admin (privileged user) ID usage tracked and under control
Real-time, event-driven, general-purpose data integration environment
LDAP-standard directory multiple applications share common (often user) data
Enterprise management of fine-grained authorization for numerous application environments

Formerly CrossIdeas.
Latest versions (SIM V7.0 and PIM
2.0) are VA only. Available as SW in
prior releases.

Means of delivery indicated: Software (SW), hardware appliance (HW), virtual appliance (VA) or SaaS (
Also indicated are SoftLayer/IaaS availability (
) and/or Bluemix/PaaS availability ( ).
indicates a bundle.

).

IBM Security Product Set

Full Product Name

IBM Guardium DB Activity Monitor (SW, HW, VA)

IBM Guardium Vulnerability Assessment (SW, HW, VA)
IBM Guardium for Applications (SW, HW, VA)
IBM Guardium Data Encryption (SW, HW, VA)
IBM Guardium Data Redaction (SW, HW, VA)
IBM Security Key Lifecycle Manager (SW)
IBM Security Key Lifecycle Manager for z/OS (SW)
IBM Security AppScan Enterprise (SW )
IBM Security AppScan Source (SW )
IBM Security AppScan Standard (SW )
IBM Security AppScan Mobile Analyzer
noIBM Security AppScan Dynamic Analyzer
Arxan Application Protection for IBM Solutions (SW)
Virtual Forge CodeProfiler for IBM Security AppScan Source (SW)
IBM MobileFirst Protect SaaS (MaaS360)
IBM MobileFirst Protect (MaaS360) (SW)
IBM Security Content Analysis Software Development Kit (SW)
IBM Security Network Intrusion Prevention System (HW)
IBM Security Network Protection (HW)
IBM Security SiteProtector System (HW, SW)
IBM BigFix Compliance (SW)
IBM BigFix Protection (SW)
IBM BigFix Patch (SW)
IBM BigFix Inventory (SW)
IBM BigFix Lifecycle (SW)
IBM Security Trusteer Apex Advanced Malware Protection (SW,
IBM Security zSecure Admin (SW)
IBM Security zSecure Audit (SW)
IBM Security zSecure Visual (SW)
IBM Security zSecure Alert (SW)
IBM Security zSecure Command Verifier (SW)
IBM Security zSecure CICS Toolkit (SW)
IBM Security zSecure Adapters for QRadar SIEM (SW)
IBM Security zSecure Administration (SW)
IBM Security zSecure Compliance and Auditing (SW)

Category

Data
Security

Application
Security

Infrastructure
Security
(Network,
Server and
Endpoint)

October 2015

Short name/abbreviation

Description in roughly 10 words or less

Guardium DAM
Guardium VA
Guardium for Apps
Guardium Data Encryption
Guardium Data Redaction
SKLM
SKLM for z/OS
AppScan Enterprise
AppScan Source
AppScan Standard
AppScan Mobile Analyzer
AppScan Dynamic Analyzer
Arxan
Virtual Forge CodeProfiler
MaaS360 SaaS
MaaS360 on Premise
Content Analysis SDK
Network IPS or NIPS
Network Protection (XGS 5000)
SiteProtector
BigFix Compliance
BigFix Protection
BigFix Patch
BigFix Inventory
BigFix Lifecycle
Apex
zSecure Admin
zSecure Audit
zSecure Visual
zSecure Alert
zSecure Command Verifier
zSecure CICS Toolkit
zSecure SIEM Adapters
zSecure Administration Bundle
zSecure Compliance and Auditing

Real time data activity monitoring with blocking/masking capabilities

Vulnerability assessment for databases
Dynamic web application data masking
DBMS encryption (Oracle, SQL Server, DB2, IMS, ) and file encryption
Protects sensitive data in documents and forms from unintentional disclosure
Enterprise management of encryption keys (key server on distributed platforms)
Enterprise management of encryption keys (key server on mainframe)
Enterprise dynamic (unattended, parallel) app scanning and reporting
Static testing of application source code for vulnerabilities
Dynamic testing of running web applications for vulnerabilities
Identifies security vulnerabilities in mobile apps
Secures web applications deployed on IBM Bluemix
Harden and build run-time protection into mobile applications
Identify and remediate vulnerabilities in ABAP source code
Enterprise mobile platform - security/management for applications/documents/email/devices
Enterprise mobile platform - security/management for applications/documents/email/devices
SDK offering access to IBMs web page, image, email filters
Analyzes network protocols/traffic to detect attacks includes virtual patch
Full protocol, content and application-aware protection
Admin tool for IBM Threat Protection - command, control, correlation, reporting
Protect endpoints. Better meet security compliance. Reduce costs and enhance agility.
Near real-time protection from malware and other malicious threats.
Server management lifecycle management; security and compliance and server automation
Software asset management - discover all licensed/unlicensed software for all devices
Find/fix endpoint problems - connected or not, fixed or mobile, virtual or physical.
Protects employees from advanced malware - stops 0-day exploits / data exfiltration
Solution to improve administration, audit, and compliance for System z
Provides highly customizable reporting and analysis of audit records
Windows based GUI modernizes and helps with RACF consumability
Real-time threat monitoring extending RACF/ACF2 real-time notification capabilities
Controls compliance prevents erroneous or out-of-policy RACF commands
Access RACF commands & APIs from CICS -> additional administrative flexibility
Sends enriched mainframe SMF audit records to QRadar SIEM
Bundle of zSecure Admin and zSecure Visual
Bundle of zSecure Audit, zSecure Alert and zSecure Command Verifier

indicates a bundle.
Means of delivery indicated: Software (SW), hardware appliance (HW), virtual appliance (VA) or SaaS (
Also indicated are SoftLayer/IaaS availability (
) and/or Bluemix/PaaS availability ( ).

).