Qualys Cloud Agents work where it’s not possible or practical to do network scanning. They’re our preferred method for assets like dynamic IP client machines, remote/roaming users, static and ephemeral cloud instances, and systems sensitive to external scanning. Qualys Cloud Agents continuously collect data from across your entire infrastructure and consolidate it in the Enterprise TruRisk Platform for you to view. Our Cloud Agents also allow you to respond to issues quickly. Whether it’s killing processes, quarantining files or endpoints, patching vulnerabilities, removing exploits, fixing misconfigurations, or uninstalling software, our singular agent can do it all.
Qualys Gateway Service lets your organization utilize Qualys Cloud Agents in secured environments. It securely extends the power of Enterprise TruRisk Platform into highly locked-down data centers, industrial networks, OT environments, and anywhere direct Internet access is restricted. It does this through virtual appliances managed from the Enterprise TruRisk Platform.
Together, Qualys Cloud Agent and Qualys Gateway Service provide an easily optimized, bandwidth-efficient platform. Qualys QGS eliminates the cost and complexity of deploying, managing, maintaining, and securing third-party proxies and web gateways for cloud agent installations at scale. It also creates a local cache for downloaded content from Qualys Cloud Agents such as manifests, updates, etc., and stores patches when used with Qualys Patch Management.
Start your trial today. No software to download or install. Email us or call us at 1 (800) 745-4355.
Knowing what’s on your global hybrid-IT environment is fundamental to security. Qualys Cloud Agents are the workhorse behind our Global AssetView (GAV) solution. They continuously monitor assets for real-time, detailed information that’s constantly transmitted to the Enterprise TruRisk Platform for analysis.
Installed Cloud Agents provide the ability to determine the security and compliance posture of each asset
Continuously monitor assets for the expired licensees, out-of-date operating systems, application versions, expired or soon-to-be-expired certificates, and more
Cloud Agents keep your inventory always up to date even when assets are offline
Know the location of your devices and when they access or leave the network
Asset Inventory Cloud Agents are Free!
The Qualys Cloud Agent brings additional real-time monitoring and response capabilities to the vulnerability management lifecycle.
Get 100% coverage of your installed infrastructure
Eliminate scanning windows
Continuously monitor assets for the latest operating system, application, and certificate vulnerabilities
Track critical patches that are missing on each device and deploy patches in real-time
Requires no credential management or complex firewall profiles
Improved Total Cost of Ownership (TCO) due to easier agent deployments and reduced maintenance
Improved flexibility and reduced overhead as the Qualys Cloud agent can perform both vulnerability and patch management functions
Cloud agents improve overall policy compliance efforts by providing the ability to perform configuration checks on endpoint systems, which is extremely difficult to do using traditional network scanning solutions.Qualys Cloud Agents are lightweight
Continuously evaluate in real-time all relevant asset security misconfigurations against standards and benchmarks such as PCI DSS, CIS, ISO, HIPAA, and more
Continuously log and track unauthorized changes to files across global IT systems
Automatically maintain up-to-date data without credential management or complex firewall remote access
Qualys Cloud Agents continuously collect and stream multi-vector endpoint data to the Enterprise TruRisk Platform, where the data is correlated, enriched, and prioritized. This provides security professionals with the intelligent context they need to respond to threats quickly and effectively.
Cloud Agents provide immediate access to endpoints for quick response
Kill processes, quarantine files, uninstall compromised applications, remove exploits, and fix misconfigurations – the Cloud Agent can do it all!
The Cloud Agent architecture greatly simplifies asset discovery, tracking, and compliance monitoring in containers and highly dynamic cloud environments like Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and Oracle Cloud Infrastructure.
Embed Qualys Cloud Agents into the master images of your cloud servers
Cloud Agents automatically register, self-update, and track new instances created from the master images
Cloud Agents eliminate the need for separate discovery mechanisms
Continuous scanning with Cloud Agents removes the need to constantly spawn scanners for new instances
Cloud Agents keep your information always up to date even when virtual workloads are offline
Qualys Cloud Agents provide up-to-date cloud service provider (AWS, GCP, Azure) metadata
Passive discovery with the Qualys Agent introduces a novel approach to passive discovery that is more efficient, easier to implement, does not require information on network design, and delivers results faster than other solutions on the market.
Continuously monitor the network and identify unmanaged and untrusted devices in real time.
Manage and control network access with precision (Zero-Trust Security Architecture) by proactively identifying devices connected to the network that are not authenticated or missing security agents, etc.
Add unmanaged devices to your vulnerability management program, scan for vulnerabilities and compliance issues, calculate your TruRisk score, and prioritize remediation actions based on business risk.
Turbocharge CMDB accuracy and coverage by automatically adding discovered assets to the configuration management database (CMDB).
Empower your IT team with the comprehensive visibility they need to effectively manage the asset inventory lifecycle and remediate cyber risk.
Runtime Software Composition Analysis (SCA) offers continuous and real-time visibility of deeply embedded open-source packages and commercial software components such as Log4j and OpenSSL present in the production of first-party and third-party applications.
Provides visibility into your software supply chain on Day Zero to proactively address potential risks and fortify applications against emerging threats by expanding scanning capabilities across various programming languages, including Java, Go, .Net, Python, Node JS, Rust, Ruby, PHP, and more.
More than 15,000 new signatures covering more than 12,000 Common Vulnerabilities and Exposures (CVEs) are provided for the most widespread and significant, including Denial of Service (DoS), Regular Expression Denial of Service (ReDoS), Privilege Escalation, Directory/Path traversal, SQL Injection, and even the deserialization of trusted data.
Seamless integration with your existing workflows for vulnerability management, enabling efficient and automated reporting.
Customize scans to meet unique environment needs, including the ability to target specific paths to crawl or expand the scope to increase coverage and configure separate scan intervals, CPU usage, and more.
Qualys Custom Assessment and Remediation empowers security practitioners to create and execute custom scripts and create custom detections quickly. Scripts are centrally managed and executed anywhere a Qualys Cloud Agent exists. The service creates a library of reusable scripts and security controls using the preferred scripting language for the task.
Proactively detect & rapidly respond to known and Zero-Day vulnerabilities and reduce MTTR by 50%.
Secure and monitor custom applications identify and remove sensitive data (PCI Audits).
Streamline SecOps & InfoSec response with integrations with the platform and centralized control over scripts.
Support for a variety of scripting languages such as PowerShell, Python, and more.
All the data collected by the Qualys Cloud Agent installed in an IT environment resides within the Enterprise TruRisk Platform. Qualys’ extensive and easy-to-use XML API makes integrating your data with third-party tools easy. Some of the third-party products that have Qualys integrations are the following:
Start your trial today. No software to download or install. Email us or call us at 1 (800) 745-4355.