A new feature constantly updates endpoints with the latest patches to reduce the risk of ransomware incidents
Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of highly innovative cloud-based IT security and compliance solutions, has integrated zero-touch patching capabilities into Qualys Patch Management. Zero-touch mode ensures that enterprise endpoints and servers are automatically updated as patches are available, reducing the attack surface.
Most vulnerability remediation activities involve multiple teams and processes: starting from the analysis tool that detects vulnerabilities and then involving the team tasked with neutralizing them. It is a procedure that requires the use of additional resources, involves costs and extends the exposure time to vulnerabilities. Lack of alignment between detection, patching, and manual remediation processes is the number one cause of late patching.
“Qualys Patch Management helps us quickly eliminate vulnerabilities from remote systems by prioritizing the most urgent ones without using a VPN,” he said Surendra Nemani, Head Security Engineering di Infosys. “The zero-touch capabilities support third-party applications such as Microsoft, Adobe and various browsers. We can configure patching in advance, creating correlation between patches and vulnerabilities, making the teams that manage the platform more effective and improving patch management processes. We chose Qualys Patch Management because it integrates natively into Qualys VMDR and allows us to coordinate cross-platform remediation.”
“Your endpoint protection strategy must include gathering intelligence from detection and response processes to improve prevention measures. Qualys is well positioned to use vulnerability and threat intelligence insights into its patch management solution,” he said Chris Kissel, Research Director Security & Trust Products Group di IDC. “Qualys' choice to evolve its patching system by adding zero-touch automation is smart because it eliminates non-core threats related to, for example, patching in Chrome or iTunes. It is welcome because it helps reduce the attack surface of companies and free up IT and security resources to use them on strategic tasks.”
Qualys Patch Management uses the Qualys Cloud Platform and Qualys Cloud Agents to help IT and security managers neutralize vulnerabilities and patch systems efficiently and quickly. This type of intelligent automation helps you prioritize vulnerabilities – using particular indicators of threats such as ransomware – correlate priority vulnerabilities with known patches, and use zero-touch “set and forget” patches to automatically apply patches devices and applications based on predefined policies, increasing productivity. A company could define, for example, a policy that keeps Adobe Reader constantly updated on all staff laptops.
The new features allow you to:
Reduce the risk from threats such as ransomware
Zero-touch patching automatically identifies and deploys the correct patches and applies the changes necessary to neutralize vulnerabilities. Then, using the Qualys VMDR (Vulnerability Management, Detection and Response) solution, it prioritizes vulnerabilities based on real-time threat indicators such as the presence of ransomware, ongoing attacks, vulnerability exploitation and helps companies mitigate cyber risk .
Accelerate compliance with vulnerability SLAs
Patching to meet compliance obligations is automated to make it easier for security teams to comply with internal policies and regulations. If they can identify the riskiest products, companies can focus automatic interventions on those that introduce the most vulnerabilities. Additionally, quickly applying patches to address low operational risks accelerates remediation times and improves compliance with vulnerability SLAs.
Reduce costs and complexity
Patching endpoints occurs quickly and systematically through the cloud without requiring manual intervention. Since the update occurs regardless of the location of the endpoint or its connection to the corporate network, the cost of securing any attack vector is reduced. Eliminating the need to use a VPN for patching helps dramatically reduce costs.
“Considering that the volume of cyber attacks is growing exponentially, integrating automation into cybersecurity assets has become a must,” he said Sumedh Thakar, President and CEO of Qualys. “As companies implement zero-trust security frameworks, the ability to automate patching to trust all their assets becomes an essential aspect of their cybersecurity strategy.”
Availability
Qualys zero-touch patching will be available starting in October as part of the Qualys Patch Management app. To sign up for a free trial of Patch Management, visit qualys.com/patch-management-free-trial.
