Powerful cloud-based solution for a complete, continuously updated inventory of all IT assets, wherever they reside
With Qualys Asset Inventory, we can start to see the answers to questions such as: ‘Which PCs, laptops and business areas are at the highest risk of attack?’ and ‘Which systems are not being patched in a timely manner?’ and ‘Where can we deploy our resources to see the greatest cyber security benefit?’Eddie Dynes Information Security and Compliance Manager at London Gatwick Airport
You can’t protect – or defend yourself from – what you don’t know is in your network, like unapproved devices and unauthorized software. Qualys gives you full horizontal visibility of all hardware and software, scaling up to millions of assets – on premises, in cloud instances and mobile endpoints.
Continuously collects and feeds system, compliance, and security data from IT assets into the Qualys Cloud Platform for aggregation, indexing, correlation and analysis
Covers all bases with a variety of data discovery and collection sensors, such as:
Has a powerful search engine that lets you craft advanced queries combining multiple asset criteria and that returns results instantly, so in two seconds you can find out:
Qualys gives you a multidimensional view of your global IT assets, allowing you to slice-and-dice their attributes and gain new perspectives that can help you make and expedite better business decisions. At the core, a normalization engine automatically standardizes virtually any meaningful IT asset data point. The normalization process is essential for accurate decision making.
Manufacturer names, products, models, and software versions are standardized and structured. Acquisitions and product lineage are automatically accounted for.
When viewing and analyzing software inventory, it is critical to differentiate applications from system software, since the former need to be managed and analyzed without the extra clutter of the latter. Asset Inventory automatically classifies all software, separating applications from system software, such as OS patches and drivers.
Multi-level taxonomy is based on industry standards, careful analysis and curation. Every asset is classified in meaningful, functional categories based on hardware and software.
The Qualys technology catalog automatically populates your IT asset inventory with asset metadata that can’t be discovered otherwise, such as hardware and software product release dates, end of life dates, license categories, and more. These attributes provide IT organizations with multiple lenses that expand asset visibility in new, meaningful ways.
Qualys gives you deep visibility into the assets, granting you a detailed, multidimensional view of each one that encompasses both its IT and security data. You can flag issues such as configuration problems, security risks, IT policy violations and regulatory non-compliance with an asset profile that includes a wealth of data, such as:
Installed software, including applications, OS, drivers, utilities and plug-ins
Services, file systems, running processes
Virtualized environment details, such as the constant proliferation of internal and external images
Geographic location and time zone
IT policy compliance settings
An IT asset inventory loses its value if its data gets stale. New vulnerabilities are disclosed every day. Old ones can suddenly become more dangerous. A laptop can quickly go from secure to compromised. Qualys complements its physical, virtual and cloud scanners with its revolutionary Cloud Agents, which:
Are lightweight and, after the initial comprehensive asset assessment, only report detected changes, so they have a minimal impact on systems and networks
Run in the background and update themselves
Continuously assess the asset’s security and compliance status
Can be installed in assets that are on premises, in cloud instances and mobile endpoints
Are deployed via a flexible, compact agent installer
Not all assets carry the same weight within your organization. Asset Inventory lets you tag your assets, so you put relevant labels on them in the inventory and organize them in multiple ways. For example, you can specify which assets fall within the scope of PCI DSS (Payment Card Industry Data Security Standard) compliance.
Supports tagging of assets for easy labeling and identification, instantly adding business context to your inventory
Gives you the ability to apply tags manually or configure rules and parameters for automatic tagging
Supports creating any kind or any number of hierarchies, and giving assets as many tags as you want
Calculates criticality based on an asset’s aggregated and consolidated system, security, and compliance data, as well as established hierarchies and priorities
It’s essential to graphically display IT inventory data so that you can act on insights and prevent and address threats. Asset Inventory’s interactive, customizable dashboard lets you visualize and share the security, configuration and compliance status of IT assets.
Leverages robust search engine to let you turn queries about IT assets into dashboard widgets updated in real time, so you don’t have to manually run a frequent query
Displays widget data in various ways using graphs, tables and charts
Lets you establish thresholds and alerts you when they’ve been reached, for example, by changing a widget’s background color from green to red
Allow you to create different dashboards tailored for different purposes and users, such as InfoSec pros, compliance/risk managers, and CSOs
IT asset inventory solutions must link up with your CMDB (configuration management database) and continuously feed it fresh, detailed data. That way, the CMDB can better illustrate and map the relationships, connections, hierarchies and dependencies among IT assets. The Qualys App for ServiceNow CMDB syncs information about assets Qualys discovers into ServiceNow.
Allows IT departments to be more effective at a variety of critical tasks, such as change management, service requests, incident response, system repair and impact analysis
Eliminates the need for IT staffers to manually update the CMDB with granular system, security and compliance data on new and changed assets across an IT environment
Supports flexible configuration for multiple Qualys accounts/API sources and synchronization schedules
Features preconfigured table transform maps for open ports, assets, network interfaces, software, processors and volumes, as well as preconfigured reports