Asset management in the security operations context isn’t just ‘seeing’ an asset; it is having the right ‘risk’ context of each and every software, hardware and IoT asset at our fingertips.Jatinder Pal Singh Director of Security Operations at Informatica
Traditional IT inventory tools focus on IT visibility but fail to deliver information on cyber threats. They require organizations to implement multiple tools to inventory and assess risks across today’s hybrid environments. Typically, organizations have an incomplete picture of assets, don’t understand key risk context, and leave open security gaps that cybersecurity criminals can exploit.
Security teams need a way to go beyond static asset inventory to understand the security context. Qualys enables security teams to see the entire picture of their assets – with a comprehensive view of their IT infrastructure – all from a single comprehensive cybersecurity asset management solution natively built in the cloud and delivered as a service.
Qualys CyberSecurity Asset Management (CSAM) is asset management reimagined for security teams. With Qualys CSAM, organizations can continuously inventory assets, apply business criticality and risk context, detect security gaps like unauthorized or EOL software, and respond with appropriate actions to mitigate risk, thus reducing the ‘threat debt’.
Asset Management Built for Security and Integrated with IT
CSAM Highlights (2 mins)
You can’t secure what you can’t see or don’t know. Threat prevention begins with Qualys Global AssetView, which automatically discovers and classifies all IT assets including software, on-prem devices and applications, mobile, clouds, containers, and enterprise IoT devices using both agent and agentless methods. Global AssetView is part of CSAM and works in conjunction with the Qualys Cloud Platform and Qualys sensors (scanners, cloud connectors, container sensors, cloud agents, passive sensors and APIs) to continuously discover assets.
Automated categorization and classification of asset data maps raw asset data to the Qualys product catalog to obtain clean and reliable data that transforms the global IT asset inventory into multidimensional and structured information for better business decision-making.
A powerful search engine lets you craft simple or advanced queries combining multiple asset criteria returning results instantly.
Interactive, customizable dashboards let you visualize and share the security, configuration, and compliance status of IT assets.
Gain visibility for connected enterprise IoT; devices like printers, security cameras, VoIP phones, smart boards, and building automation. Qualys Passive Sensor listens to network traffic to identify all IP-connected devices in real time, dissects and fingerprints multiple protocols, and uniquely identifies thousands of IoT devices.
Use the CMDB Sync feature to populate your ServiceNow CMDB with asset data from Qualys and update Qualys assets with relevant CMDB attribute data. Based on business and organizational data enrichment can assign asset risk profile and criticality measure to focus on most critical assets first.
The user optionally selects a criticality score on a Tag which is then applied to one or more assets
An Asset attribute is assigned the highest criticality score among allocated asset tags
If pulling data from CMDB, the asset criticality score is automatically assigned to a tag and the corresponding asset
When considering your IT inventory from a security perspective, it is not sufficient to just have a comprehensive view of your environment. Qualys CyberSecurity Asset Management (CSAM) applies multiple layers of in-context technical and business data to establish a security view of your IT inventory that enables easy identification of at-risk assets.
Tracks and reports installations of Unauthorized software based on user defined lists
Manages Authorized software lists and identifies software not on the list
Provides for the creation and assignment of multiple lists based on asset type, location, criticality, and usage
Installed software, including applications, OS, drivers, utilities and plug-ins
User information and context
Services, file systems, running processes
Virtualized environment details, such as the constant proliferation of internal and external images
Geographic location and time zone
Upgrade to get advanced details including:
Use configurable policy-based alerts to automatically notify interested parties of at-risk assets. Once the layers of security context are added, the next step is to focus on identifying hardware and software of particular note.
Enables the user to select an asset or set of assets based on hardware & software attributes, e.g. open ports, volumes, hardware and software attributes, then create an alert to notify interested parties.
Utilize out-of-the-box templates to simplify the creation process.
Send email, Slack or PagerDuty notifications.
Generate a formatted FedRAMP Asset Inventory and Security report
Create custom reports to satisfy company and regulatory needs, defining asset scope and required attributes
Global AssetView (GAV) is free with any number of agents & passive scanners to give you baseline visibility of your asset inventory.
CyberSecurity Asset Management (CSAM) adds context for security-centric visibility with detection of security gaps and CMDB integration, plus alerting and response.
|Get complete visibility into your environment
Discover and inventory all your assets
|View categorized and normalized hardware and software information
Standardize your inventory
|Define criticality and find related assets
Add business context through dynamic tagging
|Find and upgrade unsupported software and hardware
Know product lifecycle and support information
|Eliminate unauthorized software from your environment
Quickly identify assets requiring attention
|Be informed about assets requiring attention
Receive notifications to review and define actions
|Inform stakeholders about health of your assets
Create custom reports
|Easily keep your CMDB up to date
Enable 2-way integration to sync with ServiceNow CMDB