Updated today by Qualys, Inc. its vulnerability management, detection and response (VMDR) cloud service to incorporate risk analysis capability, called TruRisk, enabling cybersecurity teams to give more priority to their remediation efforts.
As part of that effort, Qualys VMDR 2.0 is now integrated into the Shodan search engine and includes an application that integrates Qualys ’cloud service with the ServiceNow IT service management platform (ITSM).
Scott Clinton, vice president of product marketing for Qualys, said TruRisk’s ability to use Qualys agent software to better prioritize vulnerability remediation based on the unique characteristics of each IT environment.
The company claimed TruRisk beta users within the Qualys VMDR 2.0 platform reduced by an average 28% the number of critical vulnerabilities that needed to be remediate immediately. That number is based on a sample size of 2.6 million assets and 74 million detections.
The platform takes into account many factors including Common Vulnerability Scoring System (CVSS) base score, exploit code maturity, active exploitation of malware or threat groups, real-time threat indicators, active exploitation and any other mitigation control or compensation applied to the system to generate a Qualys Detection Score (QDS), Clinton explained.
Risk scores are determined by analyzing more than 180,000 vulnerabilities from more than 25 different threat intelligence sources. Qualys also shared its risk prioritization algorithm with customers to allow cybersecurity teams to better explain to business and IT leaders which vulnerabilities come first, Clinton said.
If an asset is protected from a vulnerability due to a compensating control, Clinton said the risk rating is lower. Over time, IT teams can also customize how scores are generated based on their own assessments, Clinton said. Qualys Query Language (QQL) also makes it possible to create a heat map of risk exposure to allow organizations to more easily measure the effectiveness of their cybersecurity efforts.
The overall goal is to reduce the amount of tedious experience cybersecurity teams have by allowing them to focus more of their time and effort on vulnerabilities that are likely to have the greatest impact on business, Clinton said. When a vulnerability is determined to be critical, a cybersecurity team can use automated patch management capabilities based on the QDS rating, he added.
Qualys’s cloud service also makes it possible to create code-free workflows to automate manual tasks. Qualys reports that VMDR 2.0 beta customers have also been able to reduce risk by an average of 23% by, for example, patching the top 15 vulnerabilities identified by The Cybersecurity and Infrastructure Security Agency (CISA) up to 60% faster than rival cybersecurity platforms.
Qualys makes the case for a software-as-a-service (SaaS) platform that can manage multiple cybersecurity tasks and that integrates with a company-developed agent. That approach makes it better to provide security services through the cloud in a way that is easier to use, Clinton said.
Of course, there is no shortage of cloud platforms for cybersecurity management. The issue that cybersecurity teams need to resolve is determining which of those platforms reduces their stress level rather than increasing it while continuing to detect vulnerabilities.