New Custom Assessment and Remediation solution
The solution opens up the Qualys cloud platform so that security teams can quickly respond to zero-day threats and conduct compliance audits on their own customized applications
Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based IT, security and compliance solutions, today introduces its new Qualys Custom Assessment and Remediation solution. With it, Qualys opens its cloud platform to allow security architects to use custom scripts that integrate natively with other Qualys applications. The new solution significantly reduces response times by enabling security teams to control workflows, secure their own customized applications, and take immediate measures to defend against threats such as zero-day attacks. As a result, security professionals are less dependent on support from IT operations teams.
When threats arise, security teams need to quickly identify and verify both the affected third-party and their own applications and fix the problems. A typical response is to create new out-of-band processes and custom scripts, which the security teams then have to roll out on hundreds or thousands of applications and endpoints using various techniques and ITSM tools. However, this approach creates blind spots in terms of auditing and tracking and impairs responsiveness.
“The reduction of the mean response time (MTTR) is the most important metric for the management of security risks, but such a reduction can only be achieved with appropriate security tools that optimize efficiency,” explains Melinda Marks, Senior Analyst, Enterprise Strategy Group. “Qualys Custom Assessment and Remediation leverages the full capabilities of the Qualys Cloud platform to accelerate the response to an identified security issue. The solution provides centralized control and helps teams troubleshoot problems within their existing tools and workflows. This saves you from inefficient and costly out-of-band post-processing cycles.“
Qualys Custom Assessment and Remediation opens Qualys’ platform to security architects and allows you to create custom scripts in popular scripting languages, custom controls and automation processes, all seamlessly integrated into existing programs. This allows teams to quickly assess and mitigate threats in their global hybrid environment.
Qualys Custom Assessment and Remediation brings the following benefits to security teams:
Rapid response to zero-day threats
The solution puts the power to quickly respond to zero-day vulnerabilities directly into the hands of security staff: by automating processes such as collecting and evaluating data, merging third-party threat intelligence feeds, and implementing appropriate remedial measures such as configuration changes, deleting suspicious files, or implementing registry changes. The result is a shorter MTTR – the crucial prerequisite to contain an attack.
Securing and checking custom applications
The security teams can add custom controls and processes for various organizational activities, including troubleshooting, without the involvement of the IT department. So you do not need to create new scripts. This increases efficiency and gives security experts time for more strategic activities.
Tight integration with Qualys VMDR workflows
Scripts are seamlessly integrated into existing VMDR workflows by assigning custom Qualys IDs and Control IDs. This increases efficiency.
Access to a central library of custom scripts and controls
The solution provides centralized control over custom scripts that can be easily mapped to workflows and is secured by role-based access control (RBAC) as well as review and approval processes. In addition, the use of scripts is simplified by a centrally managed, customizable library, which includes more than 50 popular, reusable scripts for solving common problems.
Nagi Prabhu, Chief Product Officer, Qualys
“Security teams have to deal with a wide variety of challenges, which often require individual approaches to overcome,” says Nagi Prabhu, Chief Product Officer, Qualys . “By opening up the Qualys platform, we are putting the helm in the hands of the security teams. Qualys Custom Assessment and Remediation enables the creation of custom scripts and controls that are seamlessly integrated into existing security processes and workflows, while expanding the capabilities of the cloud agent. Thanks to this, companies can react immediately to threats such as zero-day vulnerabilities.“
Qualys Custom Assessment and Remediation is now available. To test the solution for free, please visit www.qualys.com/car-trial . For more information, please join our webinar on June 1st.