Qualys, a pioneer and leading provider of cloud-based security and compliance solutions, has announced its new Vulnerability Management, Detection and Response (VMDR) app to provide customers with one streamlined workflow to scan, investigate, prioritise and neutralise threats.
VMDR helps organisations of all sizes to strengthen their security posture by offering a complete VM workflow that:
- Enables vulnerability management and IT teams complete and continuous visibility of their global IT assets (known and unknown)
- Identifies vulnerabilities across those assets in real time
- Prioritises remediation using Machine Learning and context awareness
- Provides built-in orchestration workflows
- Allows one-click remediation with full audit tracking
VMDR bundles Asset Discovery and Inventory, Vulnerability Assessment including Configuration Controls, Prioritization, Remediation and Audit as a single app. It is effortless to deploy on a global scale and pricing is on a per asset basis. This pricing makes the app simple to procure as a fully bundled solution, saving deployment, administration and software subscription costs with real-time, light-weight cloud agents and virtual scanners that are easy to deploy and self-updating.
VMDR brings the vulnerability management category to the next level with a single app and built-in workflows that provide:
Automated asset identification and categorisation
Knowing what’s active in a global hybrid-IT environment is fundamental to security. With Qualys VMDR, customers can automatically discover and categorise known and unknown assets, continuously identify unmanaged assets and create automated workflows to bring them to a managed state. After the data is collected, customers can instantly query assets and their attributes to get deep visibility including hardware, system configuration, installed software, services and network connections.
Real-time vulnerabilities and misconfiguration detection
Qualys VMDR allows customers to automatically detect vulnerabilities and critical misconfigurations per CIS benchmarks, broken down by asset. Misconfigurations that do not have CVEs are a major source of breaches and compliance failures, creating vulnerabilities on the assets that do not have CVEs. Critical vulnerabilities and misconfigurations are continuously identified on the widest range of devices, operating systems and applications in the industry.
Automated remediation prioritisation
Qualys VMDR uses real-time threat intelligence and Machine Learning models to automatically prioritise the highest risk vulnerabilities on the most critical assets. Indicators such as Exploitable, Actively Attacked, High Lateral Movement, etc. are used to bubble up vulnerabilities that are currently at risk while Machine Learning models help to highlight vulnerabilities that will most likely become severe threats based on attributes of the vulnerability, providing multiple levels of prioritisation.
Patch and remediate at your fingertips
After prioritising vulnerabilities by risk, Qualys VMDR also enables rapid, targeted remediation of these vulnerabilities across any size environment by deploying the most relevant superseding patch. Additionally, policy-based, automated recurring jobs keep systems up to date, providing proactive patch management for security and non-security patches that reduce the number of vulnerabilities the operations team has to chase down as part of a remediation cycle.
Confirm and repeat
With Qualys VMDR, users can close the loop and complete the vulnerability management lifecycle from a single pane of glass with real-time customisable dashboards and widgets, built-in trending and per asset pricing, along with no software to update all of which reduce the total cost of ownership.