Cloud Platform
Try it

Cloud platform apps

Global IT Asset Inventory.

With 2-second visibility and 2-way synchronization with CMDBs.

With Qualys Asset Inventory, we can start to see the answers to questions such as: ‘Which PCs, laptops and business areas are at the highest risk of attack?’ and ‘Which systems are not being patched in a timely manner?’ and ‘Where can we deploy our resources to see the greatest cyber security benefit?’

Eddie Dynes Information Security and Compliance Manager at London Gatwick Airport


Continuous discovery and 2-second visibility

Asset Inventory constantly gathers information on all assets, listing system and hardware details, running services, open ports, installed software and user accounts. Asset discovery and inventory collection is done through combination of Qualys network scanners and Cloud Agents, which together can collect comprehensive data from across on-premises or cloud infrastructure as well as remote endpoints.

CMDB integration

A certified application synchronizes Qualys Asset Inventory data with ServiceNow’s Configuration Management system. Device changes are immediately transmitted to the Qualys Cloud Platform and then synchronized with ServiceNow. For customers, this means an end to unidentified and misclassified assets, and to data update delays, all of which increase chances of breaches.

Automatic normalization and classification

With Asset Inventory, customers can make their asset data consistent and uniform, which is essential for having inventory clarity and accuracy. The product standardizes every manufacturer name, product name, model and software version by automatically normalizing raw discovery data, using Qualys’ ever-evolving technology catalog as reference. The catalog is continuously curated with a focus on completeness, relevance, and data quality. This process transforms the global IT asset inventory into multi-dimensional and structured information, so that you can make better business decisions.

Actionable insights with non-discoverable asset metadata

The Qualys technology catalog automatically extends your IT asset inventory with non-discoverable asset metadata, such as hardware and software product release dates, end of life dates, license categories, and more. These attributes provide IT organizations with multiple lenses that broaden asset visibility in new, meaningful ways. Teams can detect a variety of issues, such as unauthorized software, outdated hardware or end-of-life software, which can help you to properly support and secure critical assets.

Access a complete, searchable IT asset inventory

You can’t protect – or defend yourself from – what you don’t know is in your network, like unapproved devices and unauthorized software. Qualys gives you full horizontal visibility of all hardware and software, scaling up to millions of assets – on premises, in cloud instances and mobile endpoints.

  • Continuously collects and feeds system, compliance, and security data from IT assets into the Qualys Cloud Platform for aggregation, indexing, correlation and analysis

  • Covers all bases with a variety of data discovery and collection sensors, such as:

    • Physical and virtual appliances that scan IT assets on premises, in private clouds, or in virtualized environments
    • Cloud appliances that remotely scan your IaaS and PaaS instances in commercial cloud platforms
    • Lightweight, all-purpose Cloud Agents that continuously monitor assets they’re installed on, such as laptops

  • Has a powerful search engine that lets you craft advanced queries combining multiple asset criteria and that returns results instantly, so in two seconds you can find out:

    • How many PCs from a particular manufacturer do we have in our environment?
    • Which servers are running an OS that its vendor recently stopped supporting?
    • Which IT assets have a particular piece of software installed?
    • How many databases are running in my data centers?
    • How many Lenovo laptops running the latest version of Windows 10 and located in my India office have a particular vulnerability?

Rationalize IT assets, prioritize work and gain actionable insights

Qualys gives you a multidimensional view of your global IT assets, allowing you to slice-and-dice their attributes and gain new perspectives that can help you make and expedite better business decisions. At the core, a normalization engine automatically standardizes virtually any meaningful IT asset data point. The normalization process is essential for accurate decision making.

  • Manufacturer names, products, models, and software versions are standardized and structured. Acquisitions and product lineage are automatically accounted for.

  • When viewing and analyzing software inventory, it is critical to differentiate applications from system software, since the former need to be managed and analyzed without the extra clutter of the latter. Asset Inventory automatically classifies all software, separating applications from system software, such as OS patches and drivers.

  • Multi-level taxonomy is based on industry standards, careful analysis and curation. Every asset is classified in meaningful, functional categories based on hardware and software.

  • The Qualys technology catalog automatically populates your IT asset inventory with asset metadata that can’t be discovered otherwise, such as hardware and software product release dates, end of life dates, license categories, and more. These attributes provide IT organizations with multiple lenses that expand asset visibility in new, meaningful ways.

Get a granular, deep view into asset components

Qualys gives you deep visibility into the assets, granting you a detailed, multidimensional view of each one that encompasses both its IT and security data. You can flag issues such as configuration problems, security risks, IT policy violations and regulatory non-compliance with an asset profile that includes a wealth of data, such as:

  • Hardware specs

  • Installed software, including applications, OS, drivers, utilities and plug-ins

  • Network connections

  • Approved users

  • Installed patches

  • Open vulnerabilities

  • Services, file systems, running processes

  • Virtualized environment details, such as the constant proliferation of internal and external images

  • Geographic location and time zone

  • IT policy compliance settings

Get real-time, continuous inventory updates with Qualys Cloud Agents

An IT asset inventory loses its value if its data gets stale. New vulnerabilities are disclosed every day. Old ones can suddenly become more dangerous. A laptop can quickly go from secure to compromised. Qualys complements its physical, virtual and cloud scanners with its revolutionary Cloud Agents, which:

  • Are lightweight and, after the initial comprehensive asset assessment, only report detected changes, so they have a minimal impact on systems and networks

  • Run in the background and update themselves

  • Continuously assess the asset’s security and compliance status

  • Can be installed in assets that are on premises, in cloud instances and mobile endpoints

  • Are deployed via a flexible, compact agent installer

Highlight and rank criticality of assets

Not all assets carry the same weight within your organization. Asset Inventory lets you tag your assets, so you put relevant labels on them in the inventory and organize them in multiple ways. For example, you can specify which assets fall within the scope of PCI DSS (Payment Card Industry Data Security Standard) compliance.

  • Supports tagging of assets for easy labeling and identification, instantly adding business context to your inventory

  • Gives you the ability to apply tags manually or configure rules and parameters for automatic tagging

  • Supports creating any kind or any number of hierarchies, and giving assets as many tags as you want

  • Calculates criticality based on an asset’s aggregated and consolidated system, security, and compliance data, as well as established hierarchies and priorities

Visualize with customizable dashboards

It’s essential to graphically display IT inventory data so that you can act on insights and prevent and address threats. Asset Inventory’s interactive, customizable dashboard lets you visualize and share the security, configuration and compliance status of IT assets.

  • Leverages robust search engine to let you turn queries about IT assets into dashboard widgets updated in real time, so you don’t have to manually run a frequent query

  • Displays widget data in various ways using graphs, tables and charts

  • Lets you establish thresholds and alerts you when they’ve been reached, for example, by changing a widget’s background color from green to red

  • Allow you to create different dashboards tailored for different purposes and users, such as InfoSec pros, compliance/risk managers, and CSOs

Integrate with your CMDB

IT asset inventory solutions must link up with your CMDB (configuration management database) and continuously feed it fresh, detailed data. That way, the CMDB can better illustrate and map the relationships, connections, hierarchies and dependencies among IT assets. The Qualys App for ServiceNow CMDB syncs information about assets Qualys discovers into ServiceNow.

  • Allows IT departments to be more effective at a variety of critical tasks, such as change management, service requests, incident response, system repair and impact analysis

  • Eliminates the need for IT staffers to manually update the CMDB with granular system, security and compliance data on new and changed assets across an IT environment

  • Supports flexible configuration for multiple Qualys accounts/API sources and synchronization schedules

  • Features preconfigured table transform maps for open ports, assets, network interfaces, software, processors and volumes, as well as preconfigured reports

Powered by the Qualys Cloud Platform

Single-pane-of-glass UI

See the results in one place, in seconds. With AssetView, security and compliance pros and managers get a complete and continuously updated view of all of their IT assets — from a single dashboard interface. Its fully customizable and lets you see the big picture, drill down into details, and generate reports for teammates and auditors. Its intuitive and easy-to-build dynamic dashboards aggregate and correlate all of your IT security and compliance data in one place from all the various Qualys Cloud Apps. With its powerful elastic search clusters, you can now search for any asset – on-premises, endpoints and all clouds – with 2-second visibility.

Centralized & customized

Centralize discovery of host assets for multiple types of assessments. Organize host asset groups to match the structure of your business. Keep security data private with our end-to-end encryption & strong access controls. You can centrally manage users’ access to their Qualys accounts through your enterprise single sign-on (SSO). Qualys supports SAML 2.0-based identity service providers.

Easy deployment

Deploy from a public or private cloud — fully managed by Qualys. With Qualys, there are no servers to provision, no software to install, and no databases to maintain. You always have the latest Qualys features available through your browser, without setting up special client software or VPN connections.

Scalable and extensible

Scale up globally, on demand. Integrate with other systems via extensible XML-based APIs. You can use Qualys with a broad range of security and compliance systems, such as GRC, ticketing systems, SIEM, ERM, and IDS.

See for yourself. Try Qualys for free.

Start your free trial today. No software to download or install. Email us or call us at 1 (800) 745-4355.