Comprehensive software reviews to make better IT decisions
Qualys VMDR Is Now Live: Increasing Security Threats Requires Strong Vulnerability Management Software
Qualys VMDR has hit the live market. Originally unveiled in February 2020 at Qualys Security Conference, VMDR is publicly available as of April 16, 2020. Partnering with both large and small MSSPs, VMDR is designed to be scalable to any business enterprise and to automate the entire management cycle on all endpoints.
Source: SoftwareReviews Product Scorecard, Accessed April 23, 2020.
Qualys, an information security and compliance company, launched VMDR as a cloud-managed IT environment. VMDR is designed to leverage the Qualys Cloud Platform to provide organizations with the ability to unify their vulnerability management across all IT environments. VMDR takes the separate endpoints and instances and consolidates them into their management cycle. VMDR is now available, and it is produced on a per-asset basis with no software to update. This includes an offering of security capabilitieswithin each of the following areas:
- Asset Management:
- Provides real-time IT asset inventory.
- Queries assets and attributes to get deep visibility on hardware and network information.
- Automatically correlates security vulnerabilities and patches for specific hosts.
- Automates recurring jobs and keeps the systems up to date with proactive patching.
- Threat Detection and Prioritization:
- Alerts users if network irregularities or threats are detected and prioritizes the riskiest vulnerabilities to highlight for remediation.
- Automated prioritization with real-time threat intelligence.
- Vulnerability Management:
- Continuously detects software vulnerabilities and misconfigurations across asset categories based on CIS benchmarks.
- Qualys VMDR continually identifies critical vulnerabilities and misconfigurations on the industry’s widest range of devices and operating systems.
Source: Qualys VMDR, April 23, 2020.
As cybercriminal activity continues to rise globally, a software vulnerability management program becomes increasingly important to help mitigate business security risks. Increases in both the cost and frequency of cyberattacks are among the primary factors that would drive a company to seek an enhanced vulnerability management option. Qualys VMDR’s all-in-one vulnerability, management, detection, and response program provides a comprehensive approach to vulnerability management and remediation. Over time, there’s been an uptick in the number of vulnerability management programs that adopt patch management in tandem, and VMDR is no exception. Check out Qualys VMDR’s workflow to see the entirety of its offerings.
One of the primary advantages of integrated patch management is that once a vulnerability is identified, VMDR can provide a remediation path right away. VMDR will scan and download the patch to make sure that your business is up to date with the latest security patches. This reduces the periods during which your business is potentially vulnerable to exploits, increasing security, and saving your IT team time when they would normally seek appropriate patches. Businesses seeking to consolidate their program library and increase remediation speed should consider looking for a program that has the patch management and vulnerability management programs intertwined. As VMDR becomes integrated with more businesses, we’ll continue to evaluate its effectiveness in vulnerability management.
Want to Know More?
By exploiting a five-year-old configuration error, a hacker was able to access Amazon’s S3 cloud storage buckets on which Twilio’s code was loaded. As a result, customers were able to unknowingly download the modified code for twenty-four hours.
Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.
Remote Work Landscape Pushes Microsoft to Releases Endpoint DLP and Double Key Encryption Features for Added Data Security
Microsoft recently previewed the specific features to tackle data security and risk management for end users with Microsoft Endpoint Data Loss Prevention (DLP) and Double Key Encryption. The reason for the launch? The increasing shift towards a remote work environment and a need to mitigate the accompanying risks.
IBM is changing the terms of its ubiquitous Passport Advantage agreement to remove entitled discounts on over 5,000 on-premises software products, resulting in an immediate price increase for IBM Software & Support (S&S) across its vast customer landscape.
RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.
To bolster and broaden its data privacy capabilities for end users, cyber and data protection vendor Acronis has acquired DLP player DeviceLock. The acquisition aligns with the increasingly prevalent role that data privacy plays in cybersecurity.
Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.
Navigating the vendor risk management space, particularly in the current environment that consists of a mix of cloud, managed services, and critical supply chain, is key to ensuring that you don’t inadvertently introduce new risks through this dynamic channel.
On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.