Comprehensive software reviews to make better IT decisions
Qualys Unveils Its New Vulnerability Management, Detection, and Response Matrix
Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will hit the public market in March. Debuted at a live demo on February 25 at the Qualys Security Conference 2020 San Francisco, VMDR will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints. The goal is to synergize aspects of endpoint solutions into one application for better management and visibility.
Source: Qualys. Accessed March 17, 2020.
VMDR takes endpoint solutions that can be separate instances and consolidates them into one management cycle. Qualys approaches vulnerability management along with its additional components of threat detection and prioritization, responses and patch management, and asset management. The entire dashboard allows administrators to analyze the riskiest vulnerabilities of the most critical assets first.
- It’s all in the cloud. No need for bulky appliances. Everything is in the cloud and ready to run.
- It’s easy to deploy. Deployment is simple. With an unlimited virtual scanner, you can pin a scanner up and be ready to go in no time.
- It includes Vulnerability Management (VM). VMDR has the same vulnerability management solution that you have come to know and trust, as well as many other great apps.
- It saves time and money. Using a single cloud platform saves significant resources and the time required to otherwise install agents and consoles.
VMDR also allows you to see every asset on your network, including the unmanaged assets. This includes assets on your premises, endpoints, cloud assets, containers, operational technology (OT), and Internet of Things (IoT) environments. VMDR assesses these assets from all these vectors and analyzes the exploitable vulnerabilities for patching and remediation. VMDR automates the entire process and accelerates an organization’s ability to respond to, detect, and prevent possible threats
Qualys’ VMDR takes four separate entities of IT security and merges them into one cycle. These four aspects flow well into one another, and it only makes sense to have a process that encapsulates them all.
Particularly of note is VMDR’s ability to detect unseen assets on your network. Shadow IT is a common problem for enterprises as they continue to grow. By being able to detect these unauthorized assets and see their vulnerability ratings, a business can make informed decisions as to their merit and/or risk to its IT security program.
VMDR also works to patch the vulnerabilities that have been identified. After prioritizing your vulnerabilities, VMDR works to remediate them. VMDR scans and downloads the latest patch to make sure that your enterprise is always equipped with the latest version. Vulnerability management and patch management are intertwined aspects of IT security. By having these aspects work in tandem within one program, VMDR can expedite the process while providing consistency in your security measures. This reduces the vulnerabilities for an operations team, saving time and effort.
Qualys provides a full list of the VMDR workflow processes on its site. The consolidation of separate programs into one application is great for cutting down asset management and redundancies in your programs array. Qualys will also roll out a free version of the program with some VMDR functionalities to all its existing customers at no extra cost. The pricing is based on a per asset basis, starting at $199 and a minimum of 32 assets. We’ll be following VMDR to see its impact within the vulnerability management market and its emotional footprint for users.
Want to Know More?
The Department of Justice is looking to acquire a GRC tool for the Office of the CIO within the FBI’s Enterprise Information Security Section.
Google has identified “unsafe” code in the Chromium web browser engine. This flaw introduces a potential vulnerability that effects Google Chrome, as well as all Chromium-based web browsers.
The International Association of Privacy Professionals (IAPP) has released its 2020 Privacy Tech Vendor report, reviewing key software solution vendors within the space. This year’s report highlighted the recent addition of Data Subject Request (DSR) to the feature categories.
Among the full set of features available in Zecurion’s new DLP product is the ability to perform user behavior analytics to help spot data loss events before they occur.
Zecurion has one of the most robust DLP products on the market and this fact was recently recognized by SC Magazine, who placed the product in its “pick-of-the-litter" category for DLP.
In early March, Titus released Titus Illuminate 2020, which was the company’s answer to the question of analyzing data at rest. This latest version of Illuminate leverages machine learning and AI in an effort to manage data that contains potentially sensitive or high-risk personal information.
More than ever, cybersecurity solutions are core to any MSPs offering. No longer should technology service providers be farming this out to dedicated security providers. Trust and peace of mind are the core tenets of what they are selling and solutions like Acronis Cyber Protect Cloud can provide the platform upon which to deliver on those promises.
PHEMI is a data privacy solution focused on keeping data-processing activities secure by redacting information based on the role of the accessor. Thus, allowing such data to be used for multiple use cases without compromising privacy.
Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.