Qualys announced Qulys Vulnerability Management, Detection and Response (VMDR) 2.0. The new cloud-based solution provides unprecedented insights into an organization’s unique risk posture along with the ability to use drag and drop workflows to organize responses.
The doubling of revealed vulnerabilities over the past five years, the speed at which vulnerabilities are being used as a weapon, and the lack of cyber talent, have left teams struggling to cross a mountain of vulnerabilities. that there is no way to fix it all. Security and IT teams need a new systematic approach to reduce noise and prioritize fixing the most critical vulnerabilities that will reduce risk to their environment.
Qualys VMDR 2.0 provides security insight and IT teams need to focus on vulnerabilities that truly reduce risk. Qualys beta customers with TruRisk capabilities are prioritized on average 28% fewer critical vulnerabilities in a sample size of 2.6 million assets and 74 million discoveries. Simultaneously, they were able to reduce the risk by an average of 23% and in some cases as high as 50%.
“Cyber risk is becoming part of the business risk equation. Even the most advanced organizations can’t patch all the threats they’ve discovered, increasingly including poorly developed services. configure, “said Michelle Abraham, director of research at IDC.” Organizations should prioritize efforts that result in maximum risk reduction. Qualys’s approach to cyber risk management takes into account many factors such as of vulnerabilities and misconfigures of systems, so organizations can focus on fixes that lower their overall risk. ”
Qualys VMDR with TruRisk offers risk-based vulnerability management for those with unprecedented insight into an organization’s unique risk posture to prioritize its most critical vulnerabilities in hybrid environments . The solution helps security and IT teams increase efficiency and save time by providing shared context and the ability to create drag and drop workflows to automate operational processes in vulnerability management. time-consuming including vulnerability analysis of ephemeral cloud assets, alerting, and prioritization.
“Qualys VMDR in conjunction with TruRisk has helped us improve our program by providing more context to threats and risks, better identifying high-risk vulnerabilities, some of which have previously been rate as low or moderate severity of the standard vulnerability scoring system (CVSS). It is eye opening to see that some of the identified assets that present the highest risk to the organization are not always immediately identified. The transparency of the rating algorithm makes it easy to justify prioritizing and get all relevant security and IT stakeholders aligned and act quickly to fix the risk, ”said Brian Penn, manager, Security Posture in Aflac.
“The sheer number of intrusion attempts that our security teams encounter on a weekly basis is frightening, and the task of prioritizing the most critical is an ongoing battle,” said Elie Abouzeid, vice president of Information Security for DentaQuest. “Qualys TruRisk helps us focus on the vulnerabilities that pose the highest risk and provides actionable insights to fix them first. In addition to risk scores, integration with ServiceNow ITSM allows our teams to assign tickets, track status and perform remediation all under a single coordinated view from investigation to resolution.
Qualys VMDR with TruRisk enables Security and IT teams to:
Reduce risk with holistic scoring -Identify risk throughout the attack including vulnerabilities, incorrect configuration and digital certificates, relate to business criticality and exploit intelligence from hundreds of sources, including exposure data over the attack of Shodan. Qualys VMDR with TruRisk automatically eliminates the priority of vulnerabilities when compensation controls are implemented, monitors risk reduction trends over time, and helps organizations measure and report the effectiveness of their cybersecurity programs in hybrid environments.
Quickly remediate in size -Use rule-based integrations between VMDR and ITSM tools such as ServiceNow and JIRA, along with dynamic vulnerability tagging, to automatically assign remediation tickets to prioritize vulnerabilities and bridge the gap between security and IT teams. Orchestrate remediation directly from the ITSM tool to help close vulnerabilities faster and reduce mean remediation time.
Receive preemptive attack alerts – External threat intelligence, from more than 180,000 vulnerabilities and 25 plus threat and exploit intelligence sources, is natively associated with vulnerabilities and incorrect configurations to promptly alert teams to vulnerabilities exploited by malware or those used in an active malicious campaign known to target your industry.
Automate operational workflows – Teams save valuable time and resources using Qualys Qflow technology. They can build drag and drop visual workflows to automate time-consuming and complex vulnerability management tasks, such as vulnerability analyzes for ephemeral cloud assets, alerting for high-profile threat or quarantine on high-risk assets.
“In this era of increasing attacks and board-level attention to cyber resiliency, efficient cyber risk management is more important than ever,” said Sumedh Thakar, president and CEO of Qualys. “With VMDR 1.0, we innovated by bringing the four key elements of vulnerability management into a seamless workflow to help organizations respond efficiently to threats. We will once again change the game through VMDR 2.0 allowing organizations to initiate remediation workflows for vulnerability management tasks, prioritize remediation on critical risk-reducing issues, and i streamline responses and integration with ITSM solutions such as ServiceNow.