Introducing VMDR - Vulnerability Management, Detection and Response
VMDR delivers a continuous cycle of protection from a single pane of glass with built-in orchestration workflows and real-time vulnerability detection to prioritize, remediate and audit across hybrid IT environments
Qualys Security Conference QSC19 – Las Vegas – November 19, 2019 – Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutions, today announced its new Vulnerability Management, Detection and Response (VMDR) app to provide customers with one streamlined workflow to scan, investigate, prioritize and neutralize threats.
VMDR is a giant leap forward, helping organizations of all sizes to strengthen their security posture by offering a complete VM workflow that:
“With VMDR, Qualys integrates highly valued and much-needed asset visibility with vulnerability management so that IT teams can have full visibility of their global IT assets (known and unknown). This provides the ability to identify the exposure of those assets in real-time, and to prioritize remediation by combining real-time threat indicators with asset context to remediate with one click and then audit the process,” said Scott Crawford, research vice president at 451 Research.
“Game-changing VMDR takes vulnerability management to the next level by providing the power to continuously detect vulnerability and misconfigurations across the entire global hybrid IT environment, and respond in real-time to remediate assets that are vulnerable or already compromised from a single platform with built-in orchestration,” said Philippe Courtot, chairman and CEO of Qualys. “Equally important, the new asset-based pricing and its delivery as a single, self-updating app, makes it easier to procure, deploy and manage, drastically reducing the total cost of ownership.”
VMDR bundles Asset Discovery and Inventory, Vulnerability Assessment including Configuration Controls, Prioritization, Remediation and Audit as a single app. It is effortless to deploy on a global scale, and pricing is on a per asset basis. This pricing makes the app simple to procure as a fully bundled solution, drastically saving deployment, administration and software subscription costs with real-time, light-weight Cloud Agents and Virtual Scanners that are easy to deploy and self-updating.
VMDR brings the vulnerability management category to the next level with a single app and built-in workflows that provide:
Automated Asset Identification and Categorization
Knowing what’s active in a global hybrid-IT environment is fundamental to security. With Qualys VMDR, customers can automatically discover and categorize known and unknown assets, continuously identify unmanaged assets, and create automated workflows to bring them to a managed state. After the data is collected, customers can instantly query assets and their attributes to get deep visibility including hardware, system configuration, installed software, services, and network connections.
Real-Time Vulnerabilities and Misconfiguration Detection
Qualys VMDR allows customers to automatically detect vulnerabilities and critical misconfigurations per CIS benchmarks, broken down by asset. Misconfigurations that do not have CVEs are a major source of breaches and compliance failures, creating vulnerabilities on the assets that do not have CVEs. Critical vulnerabilities and misconfigurations are continuously identified on the widest range of devices, operating systems, and applications in the industry.
Automated Remediation Prioritization
Qualys VMDR uses real-time threat intelligence and machine learning models to automatically prioritize the highest risk vulnerabilities on the most critical assets. Indicators such as Exploitable, Actively Attacked, High Lateral Movement, etc. are used to bubble up vulnerabilities that are currently at risk while machine learning models help to highlight vulnerabilities that will most likely become severe threats based on attributes of the vulnerability, providing multiple levels of prioritization.
Patch and Remediate at your Fingertips
After prioritizing vulnerabilities by risk, Qualys VMDR also enables rapid, targeted remediation of these vulnerabilities across any size environment by deploying the most relevant superseding patch. Additionally, policy-based, automated recurring jobs keep systems up to date, providing proactive patch management for security and non-security patches that reduce the number of vulnerabilities the operations team has to chase down as part of a remediation cycle.
Confirm and Repeat
With Qualys VMDR, users can close the loop and complete the vulnerability management lifecycle from a single pane of glass with real-time customizable dashboards and widgets, built-in trending and per asset pricing, along with no software to update all of which drastically reduce the total cost of ownership.
Qualys VMDR will be available in January 2020. Pricing starts at $199 per asset (minimum quantity 32).
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 12,200 customers and active users in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes, and substantial cost savings.
The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance, and protection for IT systems and web applications on-premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading cloud providers like Amazon Web Services, Microsoft Azure and the Google Cloud Platform, and managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, DXC Technology, Fujitsu, HCL Technologies, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.
Qualys and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.