Dubai, United Arab Emirates, 04 August 2022: Qualys, Inc., a pioneer and main supplier of disruptive cloud-based IT, safety and compliance options, introduced that it’s including Exterior Assault Floor Administration (EASM) capabilities to the Qualys Cloud Platform. Built-in into CyberSecurity Asset Administration 2.0, the brand new part provides exterior attacker visibility to establish beforehand unknown Web-facing belongings for an entire and correct image of the enterprise’s assault floor.
Digital transformation, elevated cloud and Web of Issues (IoT) adoption, a rising distant workforce, and a know-how expertise scarcity have led to an exponential enhance in organizations’ assault floor. This growth makes it troublesome for safety groups to correlate externally seen and internally managed belongings and to control the compromises that come up from undiscovered, unmanaged, or mismanaged IT belongings. Organizations want a brand new strategy to see susceptible belongings from the skin in and execute like an attacker to shortly establish areas of danger.
“Organizations have to proactively handle their cyber defenses, which incorporates discovering and addressing vulnerabilities to scale back cyber danger,” mentioned Michelle Abraham, director of analysis, safety and belief at IDC. “Qualys’ distinctive strategy to EASM is to combine inside and exterior asset knowledge from CyberSecurity Assault Administration with its Vulnerability Administration, Detection and Response (VMDR) resolution in a single view. Because of this, organizations can higher establish undiscovered belongings and instantly entry and mitigate cyber danger throughout the identical workflow.”
“Qualys CyberSecurity Asset Administration supplies invaluable assault floor intelligence from an exterior attacker’s perspective,” mentioned Mike Orosz, Vice President of Product Intelligence and Safety at Vertiv. “This perception permits us to proactively enhance our vulnerability administration program by uncovering dangers posed by beforehand unknown Web-facing units. As well as, automated workflows enable us to prioritize safety engineering actions that may scale back cyber danger and quickly enhance our firm’s safety.”
Qualys CyberSecurity Asset Administration 2.0 with EASM permits organizations to constantly monitor and scale back all the enterprise assault floor, together with inside and Web-facing belongings, and uncover beforehand unidentified exposures. It additionally helps synchronize with CMDBs, detect safety gaps akin to unauthorized or end-of-support software program, open ports, remotely exploitable vulnerabilities, digital certificates points, unauthorized functions and domains, and mitigate danger by taking acceptable measures.
Qualys CyberSecurity Asset Administration with EASM permits safety and IT groups to:
Uncover the gaps all around the attacking floor — From a single cloud platform, the answer constantly discovers and precisely classifies inside and exterior Web-facing belongings. It robotically finds your associates, enumerates horizontal and vertical domains and subdomains, matches WHOIS and DNS information, and assigns belongings to your group.
Get dependable and correct visibility, aligning safety and IT operations — Develop unsure and out-of-date knowledge out of your CMDB with CyberSecurity Asset Administration. Groups can seize unmanaged belongings and achieve a single supply of fact for Web-facing belongings, together with location and context, by robotically syncing with enterprise CMDBs and vulnerability administration to streamline ongoing assault floor monitoring and response .
Rapidly remediate dangers with native VMDR 2.0 integration — CyberSecurity Asset Administration 2.0 and Qualys VMDR 2.0 enhance cybersecurity program posture with TruRisk scoring and automatic, one-click orchestration of remediation and vulnerability workflows to transform Web-facing belongings into absolutely managed and patched belongings.
“Reaching full asset visibility stays one of the crucial elusive cybersecurity objectives,” mentioned Sumedh Thakar, Qualys President and CEO. “CyberSecurity Asset Administration 2.0 solves this by offering each a holistic, exterior attacker-level view and an inside view of the assault floor to comprehensively deal with the elevated risk panorama. Taking safety a step additional, we have natively built-in the answer with Qualys VMDR so organizations can prioritize vulnerabilities and asset teams based mostly on danger and proactively remediate to shortly scale back publicity.”
Qualys CyberSecurity Asset Administration 2.0 with EASM is presently in preview and out there to current clients. Will probably be usually out there in mid-September. To request a free trial, go to qualys.com/csam-trial.