Analytics
2/19/2014
05:13 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

AlgoSec Partners With Qualys

New Integration Delivers Application-Centric Vulnerability Management, Aggregating and Scoring Vulnerabilities Based on Risk and Continuously Monitoring for Changes within Data Center Environments

Boston, MA – (February 19, 2014) – AlgoSec, the market leader for Security Policy Management and Qualys, Inc. (NASDAQ:QLYS), a pioneer and leading provider of cloud security and compliance solutions, today announced their partnership to enable businesses to manage security and risk across their organizations. With the partnership, the latest version of the AlgoSec Security Management Suite includes integration with QualysGuard Vulnerability Management (VM) to aggregate and score vulnerabilities associated with data center applications and their associated physical or virtual servers. This provides customers with unprecedented visibility into the risk levels of data center applications – even as they change - enabling IT and security teams to effectively communicate with business stakeholders so they can "own their risk" by quickly taking the actions needed to mitigate IT security issues.

RSA Conference 2014
Click here for more articles about the RSA Conference.

"Good risk management influences business decision making, so risks should always be addressed in a business context," wrote Paul Proctor, Analyst, Gartner Inc. "This can be a challenge for IT leaders grounded in the technology-centric aspects of IT risk."1

"Today's cyber-attacks have a direct impact on the bottom line, yet organizations lack the visibility to manage risk from the business perspective," said Yuval Baron, Chairman, President and CEO, AlgoSec. "By integrating QualysGuard VM with our solution, we are changing this paradigm to provide application-centric vulnerability management, allowing organizations to manage security in the context of business and at the speed of business."

In addition to aggregating vulnerability information per business application, AlgoSec provides a security rating across each physical or virtual server. As application connectivity flows change, vulnerability scores are automatically updated to ensure the most up-to-date view of risk to a data center application. Additionally, AlgoSec provides an immediate view of any server that has not been scanned for vulnerabilities within a specific interval.

"Businesses today need the agility to continuously identify security issues and take the necessary steps to mitigate threats," said Philippe Courtot, chairman and CEO for Qualys. "With QualysGuard integrated into the AlgoSec Security Management Suite, customers can gain better visibility into the configurations and vulnerabilities in their environments to take the appropriate remediation or mitigation actions."

The AlgoSec Security Management Suite delivers an automated and application-centric solution for managing complex policies across firewalls, routers, switches and web proxies to improve both security and business agility. The AlgoSec Suite bridges traditional gaps between security, network and application teams to simplify and automate data center and network operations. The AlgoSec Suite simplifies application delivery, streamlines change management, ensures continuous compliance, and delivers a tighter security policy that offers better protection against cyber-attacks.

The AlgoSec Suite, with application-centric vulnerability management is available immediately. The new solution will be demonstrated at RSA at AlgoSec's booth #427.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2130
Published: 2015-03-05
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrative privileges, aka B...

CVE-2014-9688
Published: 2015-03-05
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.

CVE-2015-0598
Published: 2015-03-05
The RADIUS implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted IPv6 Attributes in Access-Accept packets, aka Bug IDs CSCur84322 and CSCur27693.

CVE-2015-0607
Published: 2015-03-05
The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote attackers to bypass authentication in opportunistic circumstances via a connection attempt that triggers an invalid code, as demonstrated by a connecti...

CVE-2015-0657
Published: 2015-03-05
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.