When threats hit, security teams need to quickly discover, assess and remediate both their third-party and custom applications. A typical response involves creating new out-of-band processes and custom scripts that need to be rolled out across hundreds or thousands of applications and endpoints by the security teams using a variety of techniques and ITSM tools. This approach creates a blind spot from an auditing and tracking standpoint and negatively impacts responsiveness.
"Reducing mean time to respond (MTTR) is the key metric for managing security risk, but it requires having the right security tools in place to optimize efficiency," said Melinda Marks, senior analyst at Enterprise Strategy Group. "Qualys Custom Assessment and Remediation leverages the comprehensive capabilities of the Qualys Cloud Platform to speed up your ability to respond to a detected security issue. It provides centralized control while helping teams remediate issues within their existing tools and workflows, saving them from inefficient, costly out-of-band rework cycles."
Qualys Custom Assessment and Remediation opens the Qualys Platform for security architects allowing the creation of custom scripts in popular scripting languages, user-defined controls and automation, all seamlessly integrated within existing programs to quickly assess, respond and remediate threats across your global hybrid environment.
Qualys Custom Assessment and Remediation enables security teams to:
Quickly Address Zero-Day Threats– The solution puts the power to rapidly respond to zero-day vulnerabilities directly in the hands of the security team by automating processes such as collecting and evaluating data, synthesizing third-party threat intelligence feeds, and performing appropriate remediation actions, such as configuration changes, deleting suspicious files or deploying registry changes. The result is an accelerated MTTR, which is critical to containing an attack.
Secure and Audit Custom Applications – Security teams can add customized controls and processes, without IT intervention, for various organizational activities including remediation actions eliminating the need to reinvent new scripts. This improves efficiency and allows security practitioners time to focus on more strategic activities.
Tightly Integrate into Qualys VMDR Workflows – Scripts are seamlessly integrated into existing VMDR workflows via assignment of custom Qualys IDs and Control IDs, which increases efficiency.
Access a Centralized Library for Custom Scripts and Controls – The solution provides centralized control over custom scripts easily mapped into workflows, and it is secured by role-based access control (RBAC) as well as review and approval processes. Additionally, deployment of scripts is simplified by using a centrally managed and customizable library of more than 50 popular reusable scripts to address common problems.
"Security teams struggle to manage and respond to a range of challenges that often require custom approaches," said Nagi Prabhu, chief product officer, Qualys. "By opening the Qualys Platform, we put security teams in the driver's seat. Qualys Custom Assessment and Remediation enables the creation of custom scripts and controls that are seamlessly integrated into existing security processes and workflows while extending the capabilities of the Cloud Agent so organizations can respond to threats such as Zero-Days immediately."Availability
Qualys Custom Assessment and Remediation is immediately available. To request a free trial, visit www.qualys.com/car-trial. Learn more by joining our June 1 webinar.Additional Resources
- Learn about Qualys Custom Assessment and Remediation
- Details on the Qualys Cloud Platform
- Follow Qualys on LinkedIn and Twitter
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.
The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com.