Cloud Platform
Support
Contact us

CyberSecurity Asset Management (CSAM).

Find and manage cybersecurity risks in IT assets

Asset management in the security operations context isn’t just ‘seeing’ an asset; it is having the right ‘risk’ context of each and every software, hardware and IoT asset at our fingertips.

Jatinder Pal Singh Jatinder Pal Singh Director of Security Operations at Informatica

Monitor and manage your security posture

Traditional IT inventory tools focus on IT visibility but fail to deliver information on cyber threats. They require organizations to implement multiple tools to inventory and assess risks across today’s hybrid environments. Typically, organizations have an incomplete picture of assets, don’t understand key risk context, and leave open security gaps that cybersecurity criminals can exploit.

Security teams need a way to go beyond static asset inventory to understand the security context. Qualys enables security teams to see the entire picture of their assets – with a comprehensive view of their IT infrastructure – all from a single comprehensive cybersecurity asset management solution natively built in the cloud and delivered as a service.

Qualys CyberSecurity Asset Management (CSAM) is asset management reimagined for security teams. With Qualys CSAM, organizations can continuously inventory assets, apply business criticality and risk context, detect security gaps like unauthorized or EOL software, and respond with appropriate actions to mitigate risk, thus reducing the ‘threat debt’.

Build a comprehensive Inventory to identify managed & unmanaged assets

Sync with CMDB

Detect at-risk assets & applications with in-context enrichment data

Alert, Report & Respond to identified security risks

Core Features

Asset Management Built for Security and Integrated with IT

Inventory your full IT ecosystem

Automatically identify all IT assets regardless of if they are on-prem, mobile, clouds, containers, OT or IoT for a complete, categorized inventory to support security decision-making. Advanced search and interactive, customizable dashboards support easy access to the information you need. Supports multiple active and passive sensors, including agents, scanners, passive sensors and connectors to third-party platforms.
Read more


Detect security gaps

Multiple layers of in-context technical and business data establish a security view of your IT inventory that enables easy identification of at-risk assets. Know when unknown devices connect to the network, unauthorized software is detected, or required security software is missing; and detect end of life software and hardware.
Read more


2-way CMDB integration

Populate your ServiceNow CMDB with asset data from Qualys and update Qualys assets with relevant CMDB attribute data. Build detailed inventory of new and changed IT assets, categorized and enriched with lifecycle data.
Read more


Alert, report and respond to risks

Create asset security health reports for PCI-DSS and FedRAMP, or configure rule-based alerts with out-of-the-box templates sent to email, Slack, PagerDuty, etc. Monitor for changes to key infrastructure so that you can perform actions like removing unauthorized software.
Read more

Re-inventing asset inventory for security

CSAM Highlights (2 mins)

Build a comprehensive asset inventory (Global AssetView)

You can’t secure what you can’t see or don’t know. Threat prevention begins with Qualys Global AssetView, which automatically discovers and classifies all IT assets including software, on-prem devices and applications, mobile, clouds, containers, and enterprise IoT devices using both agent and agentless methods. Global AssetView is part of CSAM and works in conjunction with the Qualys Cloud Platform and Qualys sensors (scanners, cloud connectors, container sensors, cloud agents, passive sensors and APIs) to continuously discover assets.

  • Automated categorization and classification of asset data maps raw asset data to the Qualys product catalog to obtain clean and reliable data that transforms the global IT asset inventory into multidimensional and structured information for better business decision-making.

  • A powerful search engine lets you craft simple or advanced queries combining multiple asset criteria returning results instantly.

  • Interactive, customizable dashboards let you visualize and share the security, configuration, and compliance status of IT assets.

  • Gain visibility for connected enterprise IoT; devices like printers, security cameras, VoIP phones, smart boards, and building automation. Qualys Passive Sensor listens to network traffic to identify all IP-connected devices in real time, dissects and fingerprints multiple protocols, and uniquely identifies thousands of IoT devices.

    Learn more

Sync with CMDB and assign risk profile

Use the CMDB Sync feature to populate your ServiceNow CMDB with asset data from Qualys and update Qualys assets with relevant CMDB attribute data. Based on business and organizational data enrichment can assign asset risk profile and criticality measure to focus on most critical assets first.

2-Way CMDB Sync

Qualys CMDB Sync performs 2-way sync with ServiceNow CMDB for a detailed inventory of new and changed IT assets, categorized and enriched with lifecycle data. It eliminates unidentified and misclassified assets and gives you real-time, comprehensive visibility into your IT asset inventory to immediately flag security and compliance risks. The solution also enables customers to import into their Qualys Subscription any missing ServiceNow IP addresses for Vulnerability Assessment and Policy Compliance scans and collect inventory.

Learn More

Assign risk profile

Focus your security prioritization efforts on high-importance and high-risk assets, by defining key business and technical context. Asset Criticality is a user-defined measure of asset function, environment, and service and includes the following:
  • The user optionally selects a criticality score on a Tag which is then applied to one or more assets

  • An Asset attribute is assigned the highest criticality score among allocated asset tags

  • If pulling data from CMDB, the asset criticality score is automatically assigned to a tag and the corresponding asset

Detect and monitor security gaps

When considering your IT inventory from a security perspective, it is not sufficient to just have a comprehensive view of your environment. Qualys CyberSecurity Asset Management (CSAM) applies multiple layers of in-context technical and business data to establish a security view of your IT inventory that enables easy identification of at-risk assets.

Authorized/Unauthorized software

Define and create lists of both Authorized and Unauthorized software and track the result in your IT environment. Proactive tracking of unauthorized and authorized software is a key tool to reduce security risks and improve the health of your inventory. This capability:
  • Tracks and reports installations of Unauthorized software based on user defined lists

  • Manages Authorized software lists and identifies software not on the list

  • Provides for the creation and assignment of multiple lists based on asset type, location, criticality, and usage

Detailed asset information

Qualys gives you deep visibility into the assets granting you a detailed, multidimensional view of each one that encompasses both its IT and security data. You can flag issues such as configuration problems, security risks, IT policy violations and regulatory non-compliance with an asset profile that includes a wealth of data such as:
  • Hardware specs

  • Installed software, including applications, OS, drivers, utilities and plug-ins

  • Network connections

  • User information and context

  • Services, file systems, running processes

  • Virtualized environment details, such as the constant proliferation of internal and external images

  • Geographic location and time zone

  • Upgrade to get advanced details including:

    • Hardware and software product release dates
    • End-of-life dates
    • License categories

Identify blind spots

Knowing which assets have what security and monitoring tools installed, and which don’t, is an important element of establishing a security position. CSAM can track and identify numerous security endpoints and highlight the breadth of coverage and key assets including missing installations through dashboards and health reports.

Internet-facing visibility

Extend Global AssetView’s existing capability of targeted external scans with zero-touch continuous monitoring. This uses an outside in view to find assets exposed to the internet, flag known ‘managed’ assets and just as critical, identify unknown assets, enabling security risk assessment. This capability:

  • Pulls customer-specific public data
  • Displays it in the Asset Inventory and Asset Details
  • Creates Unmanaged Assets to track newly identified endpoints
  • Enables contextual queries

Alert, report and respond

Use configurable policy-based alerts to automatically notify interested parties of at-risk assets. Once the layers of security context are added, the next step is to focus on identifying hardware and software of particular note.

Alerts

Define and create lists of both Authorized and Unauthorized software and track the result in your IT environment. Proactive tracking of unauthorized and authorized software is a key tool to reduce security risks and improve the health of your inventory. This capability:
  • Enables the user to select an asset or set of assets based on hardware & software attributes, e.g. open ports, volumes, hardware and software attributes, then create an alert to notify interested parties.

  • Utilize out-of-the-box templates to simplify the creation process.

  • Send email, Slack or PagerDuty notifications.

Reports

Create curated reports and deliver extracted copies to satisfy multiple regulatory requirements. Many governing and standards organizations require structured reports to maintain compliance. Failure to adhere to these requirements can have material impacts on the organization’s ability to continue to work with and operate alongside federal agencies and member organizations.
  • Generate a formatted FedRAMP Asset Inventory and Security report

  • Create custom reports to satisfy company and regulatory needs, defining asset scope and required attributes

GAV and CSAM features

Global AssetView (GAV) is free with any number of agents & passive scanners to give you baseline visibility of your asset inventory.

CyberSecurity Asset Management (CSAM) adds context for security-centric visibility with detection of security gaps and CMDB integration, plus alerting and response.

FEATURE GAV CSAM
Get complete visibility into your environment
Discover and inventory all your assets
Learn More
check mark check mark
View categorized and normalized hardware and software information
Standardize your inventory
Learn More
check mark check mark
Define criticality and find related assets
Add business context through dynamic tagging
Learn More
check mark check mark
Find and upgrade unsupported software and hardware
Know product lifecycle and support information
Learn More
check mark
Eliminate unauthorized software from your environment
Quickly identify assets requiring attention
Learn More
check mark
Be informed about assets requiring attention
Receive notifications to review and define actions
Learn More
check mark
Inform stakeholders about health of your assets
Create custom reports
Learn More
check mark
Easily keep your CMDB up to date
Enable 2-way integration to sync with ServiceNow CMDB
Learn More
check mark

Powered by the Qualys Cloud Platform

Easy deployment

Deploy from a public or private cloud — fully managed by Qualys. With Qualys, there are no servers to provision, no software to install, and no databases to maintain. You always have the latest Qualys features available through your browser, without setting up special client software or VPN connections.

Centralized & customized

Centralize discovery of host assets for multiple types of assessments. Organize host asset groups to match the structure of your business. Keep security data private with our end-to-end encryption and strong access controls. You can centrally manage users’ access to their Qualys accounts through your enterprise single sign-on (SSO). Qualys supports SAML 2.0-based identity service providers.

Scalable and extensible

Scale up globally, on demand. Integrate with other systems via extensible XML-based APIs. You can use Qualys with a broad range of security and compliance systems, such as GRC, ticketing systems, SIEM, ERM, and IDS.

See for yourself. Try Qualys CSAM for free.

Start your free trial today. No software to download or install. Email us or call us at 1 (800) 745-4355.