Comprehensive software reviews to make better IT decisions
Qualys Unveils Its New Vulnerability Management, Detection, and Response Matrix
Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will hit the public market in March. Debuted at a live demo on February 25 at the Qualys Security Conference 2020 San Francisco, VMDR will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints. The goal is to synergize aspects of endpoint solutions into one application for better management and visibility.
Source: Qualys. Accessed March 17, 2020.
VMDR takes endpoint solutions that can be separate instances and consolidates them into one management cycle. Qualys approaches vulnerability management along with its additional components of threat detection and prioritization, responses and patch management, and asset management. The entire dashboard allows administrators to analyze the riskiest vulnerabilities of the most critical assets first.
- It’s all in the cloud. No need for bulky appliances. Everything is in the cloud and ready to run.
- It’s easy to deploy. Deployment is simple. With an unlimited virtual scanner, you can pin a scanner up and be ready to go in no time.
- It includes Vulnerability Management (VM). VMDR has the same vulnerability management solution that you have come to know and trust, as well as many other great apps.
- It saves time and money. Using a single cloud platform saves significant resources and the time required to otherwise install agents and consoles.
VMDR also allows you to see every asset on your network, including the unmanaged assets. This includes assets on your premises, endpoints, cloud assets, containers, operational technology (OT), and Internet of Things (IoT) environments. VMDR assesses these assets from all these vectors and analyzes the exploitable vulnerabilities for patching and remediation. VMDR automates the entire process and accelerates an organization’s ability to respond to, detect, and prevent possible threats
Qualys’ VMDR takes four separate entities of IT security and merges them into one cycle. These four aspects flow well into one another, and it only makes sense to have a process that encapsulates them all.
Particularly of note is VMDR’s ability to detect unseen assets on your network. Shadow IT is a common problem for enterprises as they continue to grow. By being able to detect these unauthorized assets and see their vulnerability ratings, a business can make informed decisions as to their merit and/or risk to its IT security program.
VMDR also works to patch the vulnerabilities that have been identified. After prioritizing your vulnerabilities, VMDR works to remediate them. VMDR scans and downloads the latest patch to make sure that your enterprise is always equipped with the latest version. Vulnerability management and patch management are intertwined aspects of IT security. By having these aspects work in tandem within one program, VMDR can expedite the process while providing consistency in your security measures. This reduces the vulnerabilities for an operations team, saving time and effort.
Qualys provides a full list of the VMDR workflow processes on its site. The consolidation of separate programs into one application is great for cutting down asset management and redundancies in your programs array. Qualys will also roll out a free version of the program with some VMDR functionalities to all its existing customers at no extra cost. The pricing is based on a per asset basis, starting at $199 and a minimum of 32 assets. We’ll be following VMDR to see its impact within the vulnerability management market and its emotional footprint for users.
Want to Know More?
COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.
From employee management through leadership and communication, increased cyber threats, logistics and operations to post-pandemic planning and risk mitigation, the threat landscape has experienced enormous change. These noticeable shifts force us to consider rethinking and retooling how we address risk.
GTB Technologies, a smaller vendor known for dedicating itself solely to DLP solutions, has introduced a new multi-tenancy feature for its SDK that aims to improve quality and efficiency for DLP-integrated application development.
In an interview with Allison Furneaux, VP Marketing at CyberSaint Inc., developers of CyberStrong Integrated Risk Management platform in June 2020, Allison indicated that its focus has been on cybersecurity from the beginning.
LogicGate is a governance, risk and compliance automation platform offered by LogicGate Inc., headquartered in Chicago, that helps organizations to automate their risk processes.
I recently had the opportunity to speak with Jason Rohlf, VP Solutions, Mark Scheinkoenig, VP Commercial Sales, and Emily Figg, VP Marketing about their GRC solution at Onspring to discuss the product audience and upcoming features.
The Department of Justice is looking to acquire a GRC tool for the Office of the CIO within the FBI’s Enterprise Information Security Section.
Google has identified “unsafe” code in the Chromium web browser engine. This flaw introduces a potential vulnerability that effects Google Chrome, as well as all Chromium-based web browsers.
The International Association of Privacy Professionals (IAPP) has released its 2020 Privacy Tech Vendor report, reviewing key software solution vendors within the space. This year’s report highlighted the recent addition of Data Subject Request (DSR) to the feature categories.