With Qualys Custom Assessment and Remediation (CAR), we can quickly create reusable custom detections and remediations, including deploying custom configurations and applications. Since CAR is natively integrated into our Qualys Platform, we can leverage our existing security processes for vulnerability management and secure configuration rather than build ad-hoc processes when faced with urgent threats.Gonz Gonzales Chief Information Security Officer at JG Summit Holdings, Inc.
Legacy manual approaches to security are falling behind the continuous onslaught of modern threats. Automation is the best way to meet these threats. Qualys Custom Assessment and Remediation lets you automate tactical security workflows with custom scripts and controls that are seamlessly integrated with your existing vulnerability programs, security processes, and analytics.
Custom scripting and user-defined controls are integrated with all Qualys Cloud Platform services
Scripts and controls automate detection, tracking, and response to new zero-day vulnerabilities and immediate threats
Simplifies enterprise deployment and use with centralized management and distributed execution of scripts and controls wherever a Qualys Cloud Agent resides
Establishes a central library of reusable scripts and pre-built script templates
Choose from a wide range of popular scripting languages including PowerShell, Python, Lua, Perl, and Shell. No custom scripting language or packaging methods required!
Planned integration with enterprise script repositories such as GitHub for use with existing script management tools
Rarely do generic security best practices and controls fit unique enterprise requirements out of the box. Security teams need flexibility to add and customize controls and processes for specific organizational needs. Qualys Custom Assessment and Remediation lets you avoid the overhead and complexity typically associated with customizing enterprise security assessments, detection, and response.
Quickly create and execute custom scripts and controls
A central library of reusable scripts and security controls accelerates action and avoids inventing new out-of-band processes and custom scripts
Trackable within your existing Qualys vulnerability and compliance reporting with the assignment of custom QIDs and CIDs
The number one security concern of any enterprise is the ability to immediately respond to urgent threats. Response and mitigation time is often hampered as security teams don’t have direct access to ITSM tools. Silos impede an organization’s ability to respond to risks and extend time to remediate. Qualys Custom Assessment and Remediation accelerates mean-time-to-remediation (MTTR) with instant response to keep your enterprise secure.
Automates otherwise manual processes such as collecting data, evaluating data, gathering and synthesizing relevant third-party threat intelligence feeds, updating configurations, shutting down vulnerable ports, and activating endpoint tools
Puts vulnerabilities in context of your entire IT, cloud, and application estates to focus action on material threats
Automates mitigation in custom in-house applications, including apps with open-source code
Consistent rollout of mitigations and fixes across hundreds or thousands of applications and endpoints
Qualys Custom Assessment and Remediation is enterprise-ready, providing native integration and orchestration across all Qualys Cloud Platform services.
Scripts activate and access the complete range of platform services such as Patch Management; Vulnerability Management, Detection and Response; Policy Compliance; CyberSecurity Assess Management; Multi-Vector EDR; and Context XDR
Built-in Script Testing Sandbox enables controlled evaluation of script and control functionalities before deployment and use
Provides role-based access with built-in script approval workflows to ensure only the right people have access and authority to execute the scripts