Patching with additional remedies for misconfigurations
Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of groundbreaking cloud-based IT, security and compliance solutions, announces that the Qualys cloud platform is receiving an enhanced remediation capability. With the new update, companies can now fix asset misconfigurations, patch third-party OS and applications, and provide custom software. The result is improved efficiency, since it is no longer necessary to use several products and means, and a more comprehensive approach to remedial measures.
The update of the Qualys Cloud platform allows companies, in addition to patching, also to correct misconfigurations of assets and comprehensive remedial measures
Timely and comprehensive remediation of vulnerabilities is crucial for maintaining good safety hygiene and proactive risk management. Nevertheless, companies find it difficult to quickly fix vulnerabilities, which is due to several factors, for example, the ambiguity between IT and security about the responsibility for the process, especially if the action requires more than providing a simple patch. For example, to fix the Spectre/Meltdown vulnerability, in addition to providing the patch, a configuration change is also required. Also, some vulnerabilities require changing registry keys without a patch, while other vulnerabilities require a proprietary patch or updating custom software to fix them. The ambiguity between the logic of vulnerability detection and the potential complexity of remedial actions due to the need for multiple tools makes it even more difficult for IT and security teams.
“Fully fixing vulnerabilities goes beyond applying patches and often requires multiple tools and approaches depending on the type of vulnerability,” says Richard Hallade, IT Security Officer of the Luxembourg Red Cross. “The new advanced remediation feature allows us to speed up remediation efforts as we can troubleshoot configuration issues and run advanced patch jobs, such as identifying different versions of Windows 10 in our global environment, all with a single app and agent.“
Qualys Patch Management integrates seamlessly with Qualys Vulnerability Management, Detection and Response (VMDR) to address vulnerabilities by deploying patches or applying configuration changes to any device, regardless of its location. The new vulnerability remediation feature allows teams to use a single application to detect, prioritize, and remediate vulnerabilities, regardless of the remediation method required.
Sumedh Thakar, President and CEO of Qualys
“In times of Log4Shell and Pwnkit, companies must be particularly vigilant and patch exploitable vulnerabilities immediately. This requires efficiency and quick remedies, which many companies find daunting, especially due to complex processes and the need for several different tools, ” says Sumedh Thakar, President and CEO of Qualys . “Qualys Advanced Remediation increases efficiency by using a single application for comprehensive vulnerability remediation. Regardless of whether configuration changes or the deployment of scripts and proprietary software patches are required, eliminating the need to use multiple products and agents to improve response times is a key success factor for strengthening corporate cyber defenses.“
The new functions enable companies:
Fixing vulnerabilities related to configuration changes
Teams can patch and update configurations to fix all Windows-based vulnerabilities through a console and workflow. For example, you can use Qualys to distribute the relevant patches and make the necessary registry changes to fix the Spectre/Meltdown vulnerability.
Deploy and patch any Windows OS-based software on any device
Qualys Patch Management can deploy or patch any Windows-based application, whether it’s on-premises, in the cloud, or in a remote location. The Qualys Cloud Agent can distribute any software to all target devices, e.g. proprietary patches to all users in the home office.
Support for complex patch implementations and environments
Enables deployment of patches and configuration changes in complex environments with complicated workflows and dependencies. For example, Qualys used this feature to create a script for customers that would use the JndiLookup.class is removed in the context of Log4Shell, which quickly eliminates the vulnerability libraries from all systems.
Qualys Patch Management with new troubleshooting features is now available. To sign up for the free trial of Patch Management, visit qualys.com/patch-management-free-trial . To learn more, read the Advanced Remediation Blog or join this webinar on February 8th.