Qualys announced Qulys Vulnerability Management, Detection and Response (VMDR) 2.0. The new cloud-based solution provides insights into an organization’s risk posture along with the ability to use drag and drop workflows to organize responses, the company says.
The doubling of revealed vulnerabilities over the past five years, the speed at which vulnerabilities have been armed and the lack of cyber talent have left teams struggling to go through vulnerabilities with no way to fix all this.
According to Qualys, security and IT teams need a new systematic approach to reduce noise and prioritize fixing the most critical vulnerabilities that will reduce risk to their environment.
Qualys VMDR 2.0 is designed to provide insight for security and IT teams that need to focus on vulnerabilities that truly reduce risk.
Qualys beta customers with TruRisk capabilities are prioritized on average 28% fewer critical vulnerabilities in a sample size of 2.6 million assets and 74 million detections, the company said. Simultaneously, they were able to reduce risk by an average of 23% and in some cases as high as 50%, the company said.
IDC research director Michelle Abraham said, “Cyber risk is becoming part of the business risk equation. Even the most advanced organizations can’t patch all the threats they’ve discovered. , which increasingly includes poorly configured services.
“Organizations must prioritize efforts that result in maximum risk reduction. Qualys’s approach to cyber risk management takes into account many factors such as vulnerabilities and misconfiguration of systems, in order to organizations can focus on fixes that lower their overall risk. “
Qualys VMDR with TruRisk solution helps security and IT teams increase efficiency and save time by providing shared context and the ability to create drag and drop workflows to automate processes of operational vulnerability management, including ephemeral cloud asset vulnerability analysis, alerting and prioritization.
Qualys VMDR with TruRisk enables Security and IT teams to:
- Reduce risk through holistic scoring: Identify risk across attacks including vulnerabilities, incorrect configurations, and digital certificates, link to business criticality and exploit intelligence from hundreds of sources, including the surface exposure data of the Shodan attack. Qualys VMDR with TruRisk automatically prioritizes vulnerabilities when compensation controls are implemented, monitors risk reduction trends over time and helps organizations measure and report the effectiveness of their cybersecurity program in hybrid environments.
- Quick remediation to scale: Use rule-based integrations between VMDR and ITSM tools such as ServiceNow and JIRA, along with dynamic vulnerability tagging, to automatically assign remediation tickets to give- prioritize vulnerabilities and bridge the gap between security and IT teams. Orchestrate remediation directly from the ITSM tool to help close vulnerabilities faster and reduce mean remediation time.
- Receive preemptive attack alerts: External threat intelligence, from more than 180,000 vulnerabilities and 25 plus threat and exploit intelligence sources, is natively associated with vulnerabilities and incorrect configurations to promptly alert teams to vulnerabilities exploited by malware or used in an active malicious campaign known to the target. your industry.
- Automate operational workflows: Teams save time and resources using Qualys Qflow technology. They can build drag and drop visual workflows to automate time-consuming and complex vulnerability management tasks, such as vulnerability analyzes for ephemeral cloud assets, alerting for high-profile threat or quarantine on high-risk assets.
Qualys president and CEO Sumedh Thakar said, “In this age of increasing attacks and board-level attention to cyber resiliency, good cyber risk management is more important than ever.
“With VMDR 1.0, we have evolved by bringing the four key elements of vulnerability management into a seamless workflow to help organizations respond efficiently to threats.
“We are changing the game again with VMDR 2.0 which allows organizations to initiate remediation workflows for vulnerability management tasks, prioritize remediation on critical risk-reducing issues and streamline responses and integration with ITSM solutions like ServiceNow. “