Automate configuration assessment of global IT assets.
Cloud solution for expanding VM programs with configuration scanning and simplified workflows to address configuration issues
Both vulnerability assessment and security control assessment capabilities are critical because many regulations prescribe technical control assessments (which drives SCA) and also explicitly prescribe vulnerability assessments.Anton Chuvakin Research Vice President & Distinguished Analyst, Gartner
Configuration assessment is an essential part of a comprehensive vulnerability management program. However, our competitors either combine lightweight vulnerability and configuration assessment, or offer the functionalities in separate products that aren’t integrated. Qualys gives you the best of both worlds. Qualys Vulnerability Management (VM) continuously scans and identifies vulnerabilities with Six Sigma (99.99966%) accuracy, protecting IT assets on premises, in the cloud and mobile endpoints. Qualys SCA, designed to work natively with Qualys VM, can be added seamlessly to your account with one click. Qualys SCA complements Qualys VM’s capabilities for detecting IT asset flaws with capabilities for assessment and reporting of configuration settings in 4 easy steps:
DEFINE: Import the applicable CIS policies in your subscription, and then customize the control values in the policy or policies per your security standards, or select/deselect the controls, all using Qualys SCA’s simple, web-based UI
ASSESS: Scan your IT assets and map the asset to the right CIS policy.
REPORT: Generate the report showing your control posture against the CIS Benchmarks, Qualys-provided remediation information, and the evidence for failure or passing, as well as the references to compliance standards. You can activate and deactivate controls as necessary for reporting purposes.
REMEDIATE: Remediate the failed controls, using Qualys-provided control remediation information.
Improperly configured IT assets put your organization at an increased risk for breaches. However, it’s common for organizations to rush systems into production with default settings and without basic hardening. Addressing these issues is key for data protection, regulatory compliance, and secure digital transformation initiatives.
With Qualys SCA, you’ll be able to automatically and continuously check that your IT assets — on premises, in clouds and on mobile endpoints — are configured securely according to CIS guidelines. This will give your organization a solid foundation not only for security but also for compliance with most regulations like HIPAA and with industry mandates like PCI-DSS.
Providing the industry’s widest coverage for CIS Benchmark technologies, Qualys SCA assesses the configuration of elements such as:
Qualys SCA operationalizes the non-profit Center for Internet Security’s (CIS) Benchmarks by supporting them out of the box and automating the assessment of critical configuration settings on your IT assets against these guidelines.
The CIS Benchmarks , applicable to over 100 technologies and platforms, are unbiased and not motivated by profit considerations, and created via consensus by a community of international cybersecurity experts, including experts from Qualys.
SCA uses the same data collection technologies as Qualys VM, allowing for agent or agentless data collection, so that customers can comprehensively detect and better safeguard global endpoints, on-premises systems and cloud assets against today’s evolving cyber threats. Qualys data collection tools and processes cover all your bases and include:
With its benchmark-based guidance, simplified workflows for scanning and reporting, and cloud-based deployment, Qualys SCA provides a variety of advantages over competing products, especially legacy point solutions installed on premises: