The new asset inventory app helps IT teams identify and respond to vulnerabilities in their security and compliance systems
Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of highly innovative cloud-based IT security and compliance solutions, today introduced CyberSecurity Asset Management (CSAM) which, based on the Qualys Cloud Platform, enables cataloging of the entire IT ecosystem, the areas of risk in the security field and to respond to critical issues, all through a unified platform.
Over the past year, organizations have accelerated digital transformation, moving to IoT and remote working with the support of technologies such as clouds and containers. This change requires a new approach to the visibility of assets which, traditionally, are the responsibility of IT and specific and innovative security tools are required.
“As a company that specializes in Security Operations, we believe you can't protect what you don't know,” he said Jatinder Pal Singh, Director of Security Operations di Informatica. “So to ensure IT security, asset management cannot limit itself to ensuring visibility of assets but must know the risk context of each software, hardware and IoT asset present in the operating environment. Our SOC asset management leverages the Qualys CyberSecurity Asset Management app to both gain visibility and assess the potential security risk of each asset, enabling SOCs to receive relevant alerts and IR analysts to implement targeted and timely actions. ”
CyberSecurity Asset Management is a complete solution that exploits the potential of the Qualys Cloud Platform – with its multiple sensors and Configuration Management Data Base (CMDB) synchronization – to continuously catalog known and unknown assets, detect installed applications and overlay context business with that of risk to establish the criticality of the assets. The solution identifies rogue or corrupted software, the absence of required security tools, and assesses the security of the attack surface. In addition, CSAM enables response options with alerts, software removal, and reporting that comply with FedRAMP, PCI-DSS, and other regulations.
“CSAM is more than just a list of IT assets, leveraging the comprehensive picture of the Qualys Cloud Platform to identify, consolidate and prioritize critical assets. In turn, the platform provides the coordination needed by the IT team to implement rapid actions to mitigate risk, without having to continuously forward reports to security teams. By offering a platform-based approach, Qualys is significantly differentiating itself in this market,” he noted Tanner Johnson, Principal Analyst di Omdia.
The Qualys CSAM app is powered by the same Qualys sensors and all-in-one cloud agent used for vulnerability management, patch management, compliance management, file integrity monitoring and EDR. CSAM allows companies to:
Create a complete and up-to-date inventory of assets (Global AssetView free app) – Leveraging multiple Qualys sensors to collect and correlate data through agentless technology, cloud agents and APIs, you get a complete inventory of managed and unmanaged assets. Through an automatic classification, and by category, of the assets present in IT, cloud and IoT environments, it offers a single structured view of the IT infrastructure.
Synchronization with the CMDB and assignment of the risk level – Use the ServiceNow CMDB sync app or Qualys Asset APIs for two-way synchronization of business context and attributes. The solution then automatically labels the assets, and assigns a level to the criticality of the risk through the data and the properties of the assets.
Detect and monitor potential security gaps – Detects rogue assets connecting to the network. Monitor assets for installed rogue software, identify those lacking security tools, and identify external assets exposed to threats, allowing IT teams to gain complete visibility, reducing risk.
Warn, report and respond – Alert IT teams when asset security is compromised, avoiding potential compliance issues. Create asset health reports for technicians, through pre-built templates for regulations like PCI, FedRAMP, etc. Take quick manual or automatic response actions that can uninstall unauthorized software using the cloud agent.
“We designed CSAM using our free Global AssetView app, which provides customers with insights into millions of devices, to reinvent asset management for security teams so they can have a complete picture of the security context of assets,” he has declared Sumedh Thakar, President and CEO of Qualys. “CSAM uses telemetry from multiple sensors, including the Qualys Cloud Agent, to give IT teams the automation they need to identify and manage vulnerabilities in their IT asset assets.”
To watch a demonstration of Qualys CSAM on June 2, please register below link.
Qualys Cybersecurity Asset Management will be available in June. To get a free trial visit the following link.
