Cloud Platform
Platform
Solutions
Resources
Customers
Partners
Community
Support
Company
Login
Contact us
Try it
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
Compliance
Cloud Security
Qualys Security Conference 2023 – Now in Orlando – Register Today!

CyberSecurity Asset Management (CSAM)

with External Attack Surface Management

Try it free
CyberSecurity Asset Management (CSAM)

A risk-based approach to cybersecurity is built on a foundation of attack surface management (ASM). With CyberSecurity Asset Management (CSAM), Security and IT Ops gain both an attackers and defenders view of their environment for complete, 360-degree visibility of assets, asset groups, domains, subdomains, End-of-Life (EOL) tracking, and more. Together, with External Attack Surface Management (EASM), CSAM helps organizations discover, enrich, detect, prioritize, and orchestrate workflows between Security and IT Teams to eliminate workflow friction, improve remediation, and slash cyber risk.

Reduce cyber risk with unified inventory and asset catalogs that include 3rd-party asset intelligence and both inside-out and outside-in data.

Discover security gaps & monitor asset health with capabilities that include EOL/EOS inventory capabilities, unauthorized software discovery, and critical agent coverage.

Simplify and improve vulnerability management, AppSec and Patch management programs with natively-integrated workflows.

Close tickets faster with bi-directional integrations with ITSM, CMDB, and ticketing tools.

Attackers target external assets and software that are not visible to security practitioners that rely on conventional attack surface management and vulnerability management solutions alone. To reduce cyber risk and bridge the IT security gap, the modern enterprise must be able to achieve complete visibility of both internal and external internet-facing assets.

Discover, detect, prioritize, and automate remediation with Qualys

Qualys CSAM with EASM gives IT and Security Teams a means of achieving complete visibility of both internal and external internet-facing assets in a way that is natively integrated with Qualys Web Application (WAS) and the World’s leading vulnerability management solution – VMDR.

Rely on CSAM to visualize your entire attack surface, automate remediation workflows, and reduce cyber risk.

See your attack surface like an attacker would

The attack surface is expanding at an exponential rate, providing attackers with new targets. More than 30% of all on-premises and cloud assets and services are not inventoried. It’s a huge visibility gap for cybersecurity!

CSAM is a cloud service that allows customers to continuously discover, classify, remediate, and measurably improve their cybersecurity posture for internal and external IT assets before the attackers can – and with the same actionable intelligence that the attackers use. It discovers all known and previously unknown internet-facing assets for 100% visibility and tracking of risks.

Qualys CSAM includes External Attack Surface Management which adds “defense-in-depth” to update an organization’s cybersecurity posture. It provides the ability to continuously discover and classify previously unknown assets with a Red Team-style asset and vulnerability management solution for full 360-degree coverage.

Manage your security posture with Qualys CyberSecurity Asset Management | Qualys, Inc.

Complete asset and software visibility across distributed hybrid environments.

Improve threat prioritization with asset criticality ratings.

Reduce tech debt with real-time EOL/EOS software tracking compliant with CISA guidelines.

Synchronized with CMDB for comprehensive inventory of managed & unmanaged assets.

Key Features & Benefits

Asset Management Built for Security and Integrated with IT

  • Complete catalog of your full IT-IoT ecosystem

    Continuous discovery of all assets and software instances in the cloud, on-premises, IT and IoT environments. CyberSecurity Asset Management uses advanced credentialed and non-credential scanning technologies to continuously and quickly discover and classify vulnerabilities for remediation. It automatically finds known and previously unknown assets ranging from instances and containers to repositories and devices along with domains and subdomains, connected subsidiaries and business partners for full visibility of potential risk vectors.

    Learn more

  • Automatically augment and enrich your CMDB

    Automatically keep your CMDB up-to-date with credible and comprehensive asset metadata, complemented with data correlation and reconciliation CyberSecurity Asset Management uses advanced credentialed and non-credential scanning to continuously and quickly discover, classify and prioritize vulnerabilities for remediation that simultaneously increases risk insight and decreases MTTR but up to 50% from other asset management and vulnerability management stacks.

    Learn more

  • Visualize Internal and External assets

    Continuous discovery of all assets and software instances in the cloud, on-premises, IT, OT and IoT environments with TruRisk scoring. Automatically find known and previously unknown assets ranging from instances and containers to repositories and devices along with domains and subdomains, connected subsidiaries, and business partners for complete visibility of potential risk vectors that are informed by the Qualys TruRisk scoring methodology.

    Learn more

  • Reduce technology debt and compliance violations

    Uncover gaps in policy compliance, policies, configurations, and security hygiene with asset criticality scoring. CyberSecurity Assign asset criticality score to a tag and the corresponding asset with organizational in-context enrichment data. This context enables analysis of threats and misconfigurations in real time, with six-sigma accuracy. The service continuously detects remotely exploitable vulnerabilities and critical misconfigurations across the global hybrid environment such as EOL/EOS and unauthorized or missing titles to compliment technology roadmap planning and policy compliance.

    Learn more

  • Prioritize remediation actions based on risk

    Leverage transparent TruRisk methodology to assign asset criticality score to a tag and the corresponding asset with organizational in-context enrichment data. CyberSecurity With the context provided by Qualys TruRisk, CyberSecurity Asset Management simultaneously improves vulnerability analysis and decreases MTTR by up to 50% from other asset management and vulnerability management stacks.

    Learn more

  • Integrate with ITSM tools, including ServiceNow

    Bidirectional workflows between ITSM tools, such as Jira and ServiceNow, allow Security and IT Teams act quickly on remediation actions and track risk reduction over time. CyberSecurity Threat insights are worthless without an IT team’s ability to implement remediation actions against them quickly. With CyberSecurity Asset Management, leverage the seamless integration between the Qualys Platform and ITSM tools to track, trace, and patch with no-code workflows.

    Learn more
Asset Management Features and Benefits

Getting visibility and control of the entire attack surface

External Attack Surface Management (NEW) (2 mins)

External Attack Surface Management (NEW) (2 mins)

CSAM Highlights (2 mins)

Features Overview (5 mins)

Qualys external attack surface Management

Get an attacker’s view of the full IT ecosystem

What isn’t known can’t be secured. Qualys CSAM with External Attack Surface Management collects data from on-premises devices and applications, all endpoints, cloud, containers, OT, and IoT. It continuously discovers IT assets for 100% real-time visibility of a global hybrid IT environment. The service works in conjunction with the Qualys Cloud Platform and Qualys sensors (scanners, cloud connectors, container sensors, cloud agents, passive sensors and APIs) to continuously discover all assets.

  • Gain actionable intelligence, visibility, and insight into the entire internal and external attack surface

  • Discovers domains, subdomains, and certificates within the enterprise and in subsidiaries and business partners for full visibility of remotely exploitable vulnerabilities – including previously unknown devices via attribution

  • Expose “shadow IT” and baseline discrepancies including VMs, containers, functions-as-a-service, and IoT that spin up faster than IT can track with legacy tools

  • Get an outside-in view of internet-facing assets to spot security endpoint blind spots

  • Reduce tech debt with CISA-compliant end-of-life and end-of-support software tacking, and Ling software versioning to track OS status and related vulnerabilities

    Learn more
Qualys Cloud Platform: CyberSecurity Asset Management - External Attack Surface Assets tab | Qualys

Find security gaps with quantitative cyber risk management

Using a disciplined approach to managing cybersecurity risk will help an organization produce better, faster results for securing the enterprise. Qualys CSAM with External Attack Surface Management is fully integrated with Qualys VMDR with Qualys TruRisk. This enables a rigorous cyber risk management process based on automatic correlation of discovered assets, associated vulnerabilities found, and their degree of direct impact on the customer’s unique business. Continuous analysis enables viewing potential attacks from the attacker’s perspective: finding the easiest path to compromise business processes or steal the most valuable data. As a result, CyberSecurity teams know exactly which vulnerabilities to address first based on actual risk, and which can be de-prioritized or ignored due to low or no impact on the business.

  • Tag assets for easy grouping

  • Enable risk management

  • Execute like an attacker

  • Enable business impact analysis (BIA)

    Learn more

Qualys Cloud Platform: CyberSecurity Asset Management - External Attack Surface Assets tab | Qualys

Assign risk profile

Focus security prioritization efforts on high-importance and high-risk assets by defining key business and technical context. Asset Criticality is a user-defined measure of asset function, environment, and service and includes the following:

  • The user optionally selects a criticality score on a Tag which is then applied to one or more assets
  • An asset attribute is assigned the highest criticality score among allocated asset tags
  • If pulling data from CMDB, the asset criticality score is automatically assigned to a tag and the corresponding asset

Quickly identify blind spots

When considering IT inventory from a security perspective, it is not sufficient to just have a comprehensive view of the environment. Qualys CyberSecurity Asset Management (CSAM) applies multiple layers of in-context technical and business data to establish a security view of IT inventory that enables easy, quick identification of at-risk assets.

  • Proactively track authorized and unauthorized software
  • Automatically manage multiple software lists based on asset type, location, criticality, and usage
  • Track detailed asset information for flagging configuration issues, security risks, IT policy violations, and non-compliance
Unmanaged assets view in Qualys Global AssetView | Qualys, Inc.

Orchestrate automatic alert, report and response

Orchestration provides automatic response to true business threats. Qualys CSAM in conjunction with Qualys VMDR with Qualys TruRisk controls orchestration by thresholds and other criteria set by a team to enable faster MTTR. An orchestration process could be deployment of the most relevant, correct and superseding patch for auto-remediation. Another is automatic quarantine of suspicious devices until team investigation. The service automatically documents compliance with regulations and policies, including full SOC 2 Type II. As part of the Qualys Cloud Platform, CyberSecurity Asset Management is fully integrated with all Qualys services.

  • Alert, report, and respond to identified security risks

  • Auto-document compliance for PCI DSS, FedRAMP, NIST, ISO, and other policies

  • Leverage the integrated Qualys Cloud Platform, to extend beyond External Attack Surface Management

Unmanaged assets view in Qualys Global AssetView | Qualys, Inc.
Unmanaged assets view in Qualys Global AssetView | Qualys, Inc.

ServiceNow integration delivers full context on all assets

Continuous bi-directional synchronization with the ServiceNow CMDB enables automatic enrichment with business and organizational data. This feature populates a ServiceNow CMDB with 360-degree asset data from Qualys and infuses Qualys with relevant CMDB attribute data for business impact analysis (BIA). The result: creation of accurate asset risk profiles and criticality measures to help a team focus on remediating the risk present in the most critical assets first.

Learn more

  • Continuously sync with ServiceNow

  • Add context for security-centric asset visibility

  • Add security and business context to asset inventory

Unmanaged assets view in Qualys Global AssetView | Qualys, Inc.

Powered by the Qualys Cloud Platform

Easy deployment

Deploy from a public or private cloud — fully managed by Qualys. With Qualys, there are no servers to provision, no software to install, and no databases to maintain. You always have the latest Qualys features available through your browser, without setting up special client software or VPN connections.

Centralized & customized

Centralize discovery of host assets for multiple types of assessments. Organize host asset groups to match the structure of your business. Keep security data private with our end-to-end encryption and strong access controls. You can centrally manage users’ access to their Qualys accounts through your enterprise single sign-on (SSO). Qualys supports SAML 2.0-based identity service providers.

Scalable and extensible

Scale up globally, on demand. Integrate with other systems via extensible XML-based APIs. You can use Qualys with a broad range of security and compliance systems, such as GRC, ticketing systems, SIEM, ERM, and IDS.

Learn more about the Qualys Cloud Platform

CyberSecurity Asset Management Resources

Qualys Active Directory Connector

Solution Brief

Qualys Joins the Big Leagues in Attack Surface Management

Report

CyberSecurity Asset Management (CSAM)

Fact Sheet

CyberSecurity Asset Management (CSAM)

Solution Brief

CyberSecurity Asset Management (CSAM)

Checklist

CyberSecurity Asset Management (CSAM)

Datasheet

Qualys Brings External Attack Surface Management (EASM) to...

Press Release

Introducing CyberSecurity Asset Management with Natively...

Blog

What is Attack Surface Management?

Blog

Qualys CyberSecurity Asset Management with EASM

Watch Video

Introducing Qualys CSAM with External Attack Surface Management

Webinar

Qualys CSAM helps discover and manage cybersecurity risks in IT assets

Report

CSAM Deep-Dive Demo

Watch Video

AssetView / CSAM Q&A

Watch Video

The CISOs Hierarchy of Needs

Datasheet

See for yourself.
Try Qualys CSAM with External Attack Surface Management. Its free!

Start your free trial today.
No software to download or install. Email us to request a quote or call us at 1 (800) 745-4355.

Try it free