Comprehensive Software Reviews to make better IT decisions
Qualys Announces New Flagship Product, Qualys VMDR
Qualys announced its new flagship product, Qualys VMDR, at RSA Conference 2020. According to the Qualys website, VMDR will be available after March 30, 2020.
Qualys VMDR, which stands for Vulnerability Management, Detection, and Response, is an all-in-one cloud-based product for vulnerability scanning and management. In addition to the standard vulnerability management offering, this new product includes built-in orchestration, which combines vulnerability management, threat detection and prioritization, response, and asset management into a cyclical process that Qualys refers to as the VMDR cycle.
Source: Qualys at SoftwareReviews. Published December 2019
Source: Vulnerability Management Emotional Footprint at SoftwareReviews
Qualys VMDR is intriguing, as it connects the dots on remediation activity through its new orchestration model. The tying in of asset management is a logical step, as it empowers an organization to operationalize the configuration management of its assets. As of this writing, it is unclear what level of integration Qualys VMDR will have with third-party IT asset management (ITAM) or IT service management (ITSM) systems.
Want to Know More?
SC Media had its recent 2020 SC Awards Honored in the U.S. event and has awarded Qualys recognition for Best Vulnerability Management Solution in the “Trust Awards” category.
There is a vulnerability at the layer 2 Wi-Fi encryption level called Kr00k (formally CVE-2019-15126 in the NIST National Vulnerability Database) affecting Broadcom and Cypress Semiconductor Wi-Fi devices.
Microsoft’s end-of-life support for Windows 7 has run into its first set of issues with its extended security updates (ESUs). Administrators who paid for the ESU found out their downloads are not applying.
Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will be available in March and will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints.
Microsoft has added its Windows 10 Tamper Protection controls to the public version of Microsoft Defender. Previously available only to enterprise users, Tamper Protection is intended to better detect threats that make it past other defences and to provide remediation suggestions.
Qualys Research Labs, a vulnerability management provider, discovered a vulnerability in the OpenSMTPD Mail server used in conjunction with the OpenBSD operating system. This flaw allows for an attacker to execute arbitrary code with command privileges.
A leaked UN report showed that servers were compromised during a cyberattack that exploited an older version of Microsoft SharePoint. This breach is a case study in the importance of both patch management and transparency.
Reported by Microsoft on January 17, the company admitted to another vulnerability in the older versions of its Windows products. A vulnerability in the remote code execution (RCE) was found in the scripting engine of Internet Explorer (IE).
Last fall, Microsoft announced that it would be ending support for Windows 7 on January 14, 2020.