In this interview for Help Net Security, Mehul Revankar, VP of Product Management & Engineering for VMDR at Qualys, talks about Qulys Vulnerability Management, Detection and Response (VMDR) 2.0 with TruRisk.
The solution provides unprecedented insights into an organization’s unique risk posture along with the ability to use drag and drop workflows to organize responses.
Qualys announced Vulnerability Management Detection and Response 2.0 along with TruRisk. Tell us more about the new capabilities, what can security and IT teams do with it?
Organizations now face a growing number of catastrophic breaches, internet-shaking vulnerabilities, nation-state-backed attacks, and a sharp rise in ransomware-which Verizon’s DBIR 2022 reports of a 13% YoY increase, an increase as large as the cumulative last five years.
Governments around the world are beginning to take significant steps to defend against hacking gangs and continue to evolve in tandem with new legislation and increased cyber protocols. However, even with an increased focus on protecting digital assets, bad actors have started early, and organizations are still reporting anxiety over their ability to avoid ongoing threats.
VMDR 2.0 with TruRisk was developed based on customer conversations to demonstrate what tools are needed to uplevel their risk-focused cyber security programs. We found that what they needed most was the ability to prioritize and respond to the most compelling threats that present the highest risk to their organization. New product capabilities include:
- Track Cyber Risk based on Business Context -Comprehensively calculate risk on attack surfaces such as vulnerabilities, incorrect configurations, and digital certificates associated with business criticality and exploit intelligence from hundreds of sources, including surface exposure data of Shodan attacks to proactively measure, monitor and inform danger.
- Quick Remediate to Scale -Rule-based integrations between VMDR and ITSM tools such as ServiceNow ITSM and JIRA, along with dynamic vulnerability tagging, automatically assign remediation tickets to vulnerability priorities.
- Receive Preemptive Attack Alerts – External threat intelligence, from more than 180,000 vulnerabilities and 25 plus threat and exploit intelligence sources, is natively associated with vulnerabilities and incorrect configurations to promptly alert teams to vulnerabilities exploited by malware or those used in an active malicious campaign known to target your industry.
- Automate Workflows -Qflow technology, built on the Qualys Cloud Platform, delivers drag and drop visual workflows to automate time-consuming and complex vulnerability management tasks such as conducting vulnerability analyzes for ephemeral cloud assets while launching or alerting them for high -profile threats or high quarantine. risk assets that save valuable resources and time.
Cyber risk is becoming part of the business risk equation. What is included in your cyber risk management strategy? How is it different from what other vendors offer?
Regardless of size, geography or industry – for today’s CISOs, managing cyber risk is a job.
With the introduction of VMDR 1.0 in 2020, Qualys brought the four key elements of vulnerability management into a seamless workflow to help organizations respond efficiently to threats. Qualys is redesigning the vulnerability management game with its VMDR 2.0 with TruRisk.
Qualys VMDR differs with TruRisk from other vulnerability management solutions in that it helps measure risk across all vulnerabilities, assets and asset groups – helping organizations actively reduce risk exposure and track mitigation of danger over time. This is done by taking into account many factors-exploit the maturity of the code, active exploitation of vulnerabilities, the criticality of the asset, its location etc. -so that organizations can get a holistic view of their environment and focus efforts on fixes that will reduce their overall risk. Diversity enhancements include:
- Allowing organizations to initiate remediation workflows: This addition of automated workflows brings an orchestration machine into the vulnerability management space that nothing has been done before.
- Automatic priority: Automatically prioritizes vulnerabilities when compensation controls are in effect, monitors risk reduction trends over time, and helps organizations measure and report the effectiveness of their cybersecurity program across the hybrid that environment.
- New integrations:Actions such as changing patches, configuration fixes or workarounds, paired with the ability to orchestrate remediation directly from the ITSM tool, help close vulnerabilities faster and reduce downtime. in remediation.
Another unique factor of the product is the comprehensive threat and exploitation intelligence that includes vulnerability intelligence for 180+ vulnerabilities tracked across 25+ different threat intelligence sources. These insights respond directly to the VMDR solution – guiding customers to impending and rising threats.
Qualys allows customers to not only stay afloat but be more proactive and improve overall stability. how
The doubling of revealed vulnerabilities over the past five years, the speed at which vulnerabilities are being exploited, and the lack of IT and cyber talent, have left teams struggling to cross a mountain of vulnerability that there is no way to fix it all. Security and IT teams need a new systematic approach to reduce noise and prioritize fixing the most critical vulnerabilities to reduce risk to their environment.
But vulnerability management based on CVSS scores alone should not be prioritized. Of the universe of 185,446 known vulnerabilities, only 29% have available exploits, only 2% have weaponized exploit code and threat actors actively use only 0.16%. TLDR: Cyber danger is best achieved by focusing on issues that present the highest threat to your environment.
Qualys ’approach to risk and vulnerability management is more than just sharing a list of laundry vulnerabilities. It helps organizations prioritize and create remediation plans with risk-based vulnerability management. It gives security and IT teams a shared context and the ability to create workflows to quickly adapt and respond to threats.
We think our customer, Brian Penn, Security Posture manager at Aflac, is the best to say, “Qualys VMDR along with TruRisk has helped improve our program by providing more context to threats and risks, better identifying high-risk vulnerabilities, some of which are standard vulnerability scoring system (CVSS) have previously been rated as low or moderate severity.It is eye opening to see that some of the identified assets showing the highest risk to the organization is not always immediately identified.The transparency of the rating algorithm makes it easy to justify prioritizing and capture all relevant security and IT stakeholders and act quickly to fix the risk. ”
When can customers test Qualys VMDR 2.0 using TruRisk?
Qualys VMDR along with TruRisk have been in beta for the past few months with several customers – including Fortune 500 insurance organization, Aflac and dental insurance company Dentaquest – testing out new features. More than sixty Qualys customers are part of the beta program. Qualys VMDR along with TruRisk has helped customers prioritize up to 45.53% fewer critical vulnerabilities-with many organizations reducing true risk by more than 51.10%.
Qualys VMDR with TruRisk will be generally available for all existing and prospective customers in late June. Organizations can sign up for a free trial.