Summary
Portfolio of well- known consumer product brands focusing on food and milk for children, natural spreads and healthy snacks
Success Story
Onboarding Acquisitions with Confidence
Hero Group Boosts Visibility of Threats and Accelerates Remediation with Qualys VMDR and Patch Management
Outcomes
Significant reduction in MTTR since first deploying Qualys
reduction in all vulnerabilities in one acquired busines
Business Background
To expand its offering, Hero Group is driving an acquisitive growth strategy. Onboarding new brands gives the company valuable opportunities to reach new consumers, but bringing acquired IT systems into the organization presented significant information security challenges. To strengthen its posture and address incoming regulatory requirements such as the European Union Network and Information Security Directive (NIS 2), the organization aimed to quickly and accurately identify vulnerabilities across its expanding IT estate and put in place best-practice processes for timely remediation.
Business Challenges
Scan more than 750 on-premises servers and cloud instances for vulnerabilities
Prioritize remediation activities based on factors such as business criticality and severity
Streamline patching workflows to secure buy-in from system owners and accelerate remediation tasks
Identify and decommission end-of-life hardware in use across the global enterprise
Gain accurate insights into the progress of remediation activities across core systems and newly acquired businesses
By partnering with Qualys, we saw an opportunity to formalize and refine our approach to vulnerability management. The aim was to implement best practices for prioritization and remediation, backed by a single source of truth on vulnerabilities across the entire business.”
Qualys Solution
As the first step on its vulnerability management journey, Hero Group deployed Qualys VMDR. Combining lightweight Qualys Cloud Agents with network-based scanning capabilities, the Qualys solution offers Hero Group deep insight into its overall risk posture. Dijkhuizen comments: “Using VMDR, we quickly built up a comprehensive, prioritized list of all the vulnerabilities across our estate.
To help us work through those remediation tasks in a structured and effective way, we decided to augment the solution with Qualys Patch Management.” With Patch Management, Hero Group can keep track of missing patches across all their on-premises and cloud environments and automatically prompt its system owners to apply updates quickly.
"In the past, we relied heavily on tools such as Windows Server Update Services [WSUS] to keep our operating systems up to date, but we were in the dark when it came to our Linux systems and third-party apps,”
explains Dijkhuizen.
“With Qualys Patch Management, we can cover all our operating systems and apps from a single point of control.”
Hero Group continues to refine its approach to the vulnerability management lifecycle, which now includes Qualys Web Application Scanning for customer-facing sites.
"In the past, we relied heavily on tools such as Windows Server Update Services [WSUS] to keep our operating systems up to date, but we were in the dark when it came to our Linux systems and third-party apps,”
explains Dijkhuizen.
“With Qualys Patch Management, we can cover all our operating systems and apps from a single point of control.”
Hero Group continues to refine its approach to the vulnerability management lifecycle, which now includes Qualys Web Application Scanning for customer-facing sites.
Qualys VMDR, Patch Management, and Web Application Scanning are helping us mature our information security capabilities and proactively address areas of risk. With Qualys solutions and our expert team looking after our environment, I never have any worries when I go on vacation.”
Qualys Difference
Replaces ad hoc vulnerability management activities with a centralized, standards-driven methodology
Enables fine-grained prioritization for remediation work based on insights from Qualys Enterprise TruRisk™ Platform
Delivers comprehensive threat insights across all on-premises operating systems and cloud environments (AWS, Azure)
Highlights IT assets that are approaching or have reached end-of-life
Lays the foundations for higher levels of automation in the patching process
Creates a single source of truth for vulnerability reporting, enabling gamification of the remediation process
Mitigates the risk of onboarding IT systems from future business acquisitions