Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Overview Of JSA Vulnerability Manager


The JSA Vulnerability Manager scanner is end of life (EOL) in JSA 7.5.0 Update Package 6, and is no longer supported in any version of JSA. In JSA 7.5.0 Update Package 6 and later, you can continue to use third-party scanners with your JSA Vulnerability Manager platform, but you cannot scan within your DMZ.

JSA Vulnerability Manager is a third-party scanning platform that detects vulnerabilities within the applications, systems, and devices on your network.

JSA Vulnerability Manager uses security intelligence to help you manage and prioritize your network vulnerabilities. For example, you can use JSA Vulnerability Manager to continuously monitor vulnerabilities, improve resource configuration, and identify software patches. You can also, prioritize security gaps by correlating vulnerability data with network flows, log data, firewall, and intrusion prevention system (IPS) data.

You can maintain real-time visibility of the vulnerabilities that are detected by the built-in JSA Vulnerability Manager scanner and other third-party scanners. Third-party scanners are integrated with JSA and include Guardium, AppScan, Nessus, nCircle, and Rapid 7.


Upon deployment, the JSA Vulnerability Manager automatically updates the default BB:Host Definition: VA Scanner Source IP building block to include the locations of all the QVM processors. This behavior is by design.

To manually add to this building block, add a new source IP Test Group with new IP addresses.

Unless otherwise noted, all references to JSA Vulnerability Manager refer to JSA Vulnerability Manager. All references to JSA refer to JSA and Log Manager and all references to SiteProtector refer to IBM Security SiteProtector.