Groundbreaking EASM engine empowers cybersecurity
teams with accurate, real-time view of asset inventory that reduces
false positives
FOSTER
CITY, Calif., May 6, 2024
/PRNewswire/ -- Qualys, Inc. (NASDAQ: QLYS), a leading provider of
disruptive cloud-based IT, security, and compliance solutions,
today announced the launch of CyberSecurity Asset Management 3.0,
an expansion of the Enterprise TruRisk Platform. This update
integrates its leading vulnerability assessment capability into its
External Attack Surface Management (EASM) solution delivering an
accurate, real-time view of the external attack surface that
eliminates more false positives to mitigate the risk of unknown
assets.
Traditionally, cybersecurity teams rely on disparate sources
like standalone external scanning tools, IT-centric databases such
as configuration management databases (CMDBs), and API-based
integrations to piece together asset inventories. EASM tools have
relied on banner-grabbing methods that produce stale, incomplete
asset data snapshots. As a result of this piecemeal approach to
asset discovery, the average enterprise is blind to 38%* of its
assets at any given time.
Qualys CyberSecurity Asset Management 3.0 extends its leading
asset discovery for all types of environments—including an EASM
engine for real-time and accurate assessment of external attack
surface risks, built-in passive sensing for IoT and rogue devices
using the already-deployed Qualys agent, and third-party API-based
connectors to complement Qualys sensors. This unified approach not
only consolidates asset discovery to a single, unified solution but
also introduces a first-of-its-kind EASM lightweight vulnerability
scanner to pinpoint critical vulnerabilities immediately upon
discovery.
"With Qualys CyberSecurity Asset Management, we have a
consolidated view of asset and cyber risk data without requiring
separate solutions to scan different areas of the attack surface,"
said Mike Orosz, VP Information
& Product Security, CISO at Vertiv. "The immediate risk
assessment of external assets has fueled a significant increase in
our ability to be proactive about the elimination of risk."
This release enhances Qualys' industry-leading attack surface
coverage, allowing organizations to:
- Gain precise insight into which external assets are
attributed to the organization — Discover all assets from
subsidiaries, mergers, and acquisitions with patent-pending
attribution and confidence scoring.
- Reduce false positives to isolate risk on the external
attack surface — Quickly and accurately identify the most
critical risk with industry-leading vulnerability detections,
reducing 60%* of false positives that result from basic
banner-grabbing tools.
- Eliminate unknowns from the internal network in real
time — Uncover 34%* more assets in real time with passive
sensing, built into the Qualys agent to identify unmanaged IoT/OT
devices. The third-party connectors complement the Qualys sensors
delivering a unified inventory, and scan previously unknown assets
for vulnerabilities and compliance issues.
"The 'unknown' asset continues to account for a sizeable amount
of the cyber risk plaguing the modern enterprise because if you
don't know your assets, you don't know your risk," said
Sumedh Thakar, president and CEO at
Qualys. "With our groundbreaking EASM engine and discovery
advancements, CyberSecurity Asset Management 3.0 is the only
solution that provides every possible discovery method with the
speed and accuracy that the modern organization requires."
Availability
Qualys CyberSecurity Asset Management is
immediately available. To learn more, sign up for a free trial,
read the blog, Introducing CyberSecurity Asset Management 3.0 or
attend the virtual event, Cyber Risk Series: The Art of the
Impossible: Navigating the Broken CMDB.
Additional Resources
- Read our CyberSecurity Asset Management 3.0 blog
- Register for the virtual Cyber Risk Series on navigating the
broken CMDB
- Watch the video "Introducing Qualys CyberSecurity Asset
Management 3.0 – with expanded discovery and cyber risk
assessment"
- Learn more about the Qualys Enterprise TruRisk Platform
- Follow Qualys on LinkedIn and X
About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a
leading provider of disruptive cloud-based security, compliance and
IT solutions with more than 10,000 subscription customers
worldwide, including a majority of the Forbes Global 100 and
Fortune 100. Qualys helps organizations streamline and automate
their security and compliance solutions onto a single platform for
greater agility, better business outcomes, and substantial cost
savings.
The Qualys Enterprise TruRisk Platform leverages a single agent
to continuously deliver critical security intelligence while
enabling enterprises to automate the full spectrum of vulnerability
detection, compliance, and protection for IT systems, workloads and
web applications across on premises, endpoints, servers, public and
private clouds, containers, and mobile devices. Founded in 1999 as
one of the first SaaS security companies, Qualys has strategic
partnerships and seamlessly integrates its vulnerability management
capabilities into security offerings from cloud service providers,
including Oracle Cloud Infrastructure, Amazon Web Services, the
Google Cloud Platform and Microsoft Azure, along with a number of
leading managed service providers and global consulting
organizations. For more information, please visit
http://www.qualys.com.
Qualys, Qualys VMDR®, Qualys TruRisk and the Qualys logo are
proprietary trademarks of Qualys, Inc. All other products or names
may be trademarks of their respective companies.
*Based on Qualys Threat Research Unit (TRU) analysis of
anonymized data from over 1,000 customers
Media Contact:
Rachel Winship
Qualys
Media@Qualys.com
View original content to download
multimedia:https://www.prnewswire.com/news-releases/qualys-expands-enterprise-trurisk-platform-with-cybersecurity-asset-management-3-0-to-significantly-enhance-easm-capabilities-302136451.html
SOURCE Qualys, Inc.