The need for organisations to have a cloud-based security and compliance platform was highlighted by Sumedh Thakar Interim CEO and Chief Product Officer, Qualys, during his keynote at the QCS EMEA ’21 virtual event.
He told attendees how organisations had just begun to get a grip of the role of security in Digital Transformation initiatives before the pandemic instigated a ‘seismic shift’.
Security teams had to deal with overloaded VPNs, insecure home networks and personal devices, as well as the challenges around continued patching.
And, as security teams continue in their attempts to navigate this ‘curveball’ they’ve been thrown, the complex technology estate they have in place – comprising multiple point solutions and multiple agents, multiple consoles and a slow manual response – is at the core of their dilemma.
Next generation security architecture, he said, needed to offer a consolidated approach to minimise the number of agents and sensors, and collect data in real time.
Overcoming this challenge, he said, was key to the premise of the Qualys Cloud Platform, which can collect relevant data, correlate it and manage prioritisation and prevention.
The Qualys Cloud Platform aims to address this with its three core pillars.
- Asset inventory. Complete visibility into an organisation’s global asset inventory – knowing every asset, whether managed or unmanaged, hardware or software, and being able to organise, automatically, what device belongs to which business unit, which application, which data centre, that global asset inventory, no matter what infrastructure it is, is the same.
- Prevention and remediation. Being able to detect vulnerabilities, ensuring configurations are correct and being able to take remedial action to minimise the opportunities for attackers to compromise devices.
- Detection and response. The ability to respond to zero-day threats, protection against malware and ultimately reducing the time to remediate.
In addition, he said, compliance reporting could be considered the fourth pillar, adding that if security measures were implemented correctly, the compliance part would take care of itself and reporting would be very straightforward.
“And this is a big fundamental shift that has happened in 2020 is that we went from being able to use multiple of these sensors, collecting the data, bringing them into a single platform and showing the correlated visibility and moving from just visibility into being able to take response action,” he said.
Thakar highlighted Qualys’ own Digital Transformation, which has enabled the company to expand the scope of its security offering, making it accessible in one centralised platform.
He also highlighted the ongoing enhancement to the platform including comprehensive visibility and comprehensive response actions, as well as continued improvements to the user experience.
- Visit qualys.com for on-demand content from QCS EMEA ’21 or to try a free trial .