Cloud Platform
Contact us
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
  • Overview
  • Platform Apps

  • Qualys Endpoint Security

    Advanced endpoint threat protection, improved threat context, and alert prioritization

  • Context XDR

    Extend detection and response beyond the endpoint to the enterprise

Compliance
Cloud Security

Success Story

IDB Bank Fortifies Defenses and Optimizes Remediation with Qualys CSAM 

Enhancing Visibility, Proactive Risk Management, and Collaboration Across IT and Security Teams in a Dynamic Financial Landscape 

Business

Founded in 1935, IDB Ltd. is one of the three largest commercial banks in Israel and one of the 300 largest banks in the world. IDB Ltd. and its subsidiaries, including IDB Bank of New York, have a network of branches and representative offices in Israel and abroad, with several thousand employees. IDB Ltd. also has an extensive international network of correspondent banks. From private banking and wealth management to commercial banking, the high-tech sector, and more, IDB brings an innovative mindset, deep industry expertise, and a broad suite of new banking solutions to the table, all of which are tailored their customers’ unique needs.

Executive Summary

IDB Bank uses Qualys’ CyberSecurity Asset Management (CSAM) powered by the Enterprise TruRisk Platform to gain complete visibility of assets, proactively monitor and manage tech debt, and keep an upto-date CMDB—streamlining remediation across IT and security teams to bolster security posture.

Customer Environment

Hybrid cloud infrastructure
Diverse needs for cyber risk reporting (internal audit, board/executives, compliance stakeholders)
Strict requirements for asset visibility and risk assessment in a highly regulated industry

Business Background

IDB Bank has an innovative mindset when it comes to banking solutions and when it comes to business technology. As the business continues to seek advantages in technology, the environment is becoming more complex. That means the cyber security team needs continuous visibility into assets on-premises and in the cloud (AWS, etc). IDB Bank needed one platform to measure, communicate, and eliminate risk associated with all assets across its environment.

Business Challenges

Defending a hybrid IT environment in a sensitive and highly regulated industry
CMDB unable to identify unknown external assets or cloud assets as the business shifts to AWS resulting in remediation gaps and manual data sharing between IT and security
Technology environment is evolving quickly, and tech debt from unmanaged assets introduces unnecessary risk
Regulators require documented process for discovering new assets
Difficulty tracking and verifying that all assets are running the correct security and IT agents
Reporting KPI to cross-functional leadership team

Not only can we see every asset on-prem and in the cloud, but we also know the overall risk. From one view, we see overall risk, identify critical vulnerabilities and EoL/EoS, and determine the extent to which they affect various assets throughout the entire attack surface. This comprehensive asset data allows us to automatically allocate tasks to the relevant teams, thereby reducing remediation time by up to a month.”

Qualys Solution

As the IT environment grew in complexity, IDBNY needed a way to collect comprehensive and actionable asset data in one place. This would allow them to drive detect and prioritize vulnerabilities for remediation across their ever-changing environment. Qualys provided an integrated approach, with CyberSecurity Asset Management (CSAM) as the key puzzle piece to solving business challenges. Adding CSAM to the Enterprise TruRisk Platform delivered these key elements for IDB Bank:

  • Complete visibility of all assets with continuous discovery, providing IDB Bank the ability to manage everything on-premises, cloud and external internet-facing assets
  • Proactive management of tech debt (EoL/EoS) with effective dashboarding and planning for software, hardware, and OS updates/mitigation to reduce risk for critical assets
  • Continuous risk assessment of unauthorized software (such as file sharing or packet inspection) and missing security agents (such as CrowdStrike and Splunk)
  • CMDB sync to add previously missing cloud assets to IT’s source of truth and, more importantly, leveraging business context for assets to automatically assign remediation tickets to the appropriate teams (MTTR slashed from 30 days to 1-2 days)
  • Reporting through a unified dashboard with defined risk thresholds and automated alerts, allowing managers to easily prioritize issues.

Qualys CSAM bolstered IDBNY’s security posture by providing 100% coverage for their VM program. With comprehensive discovery methods and business context of assets, they can proactively identify vulnerabilities and prioritize according to TruRisk. This streamlines the work for security and IT teams and provides the visibility required for internal audits, executive leadership, and regulators.

We needed one platform to manage everything. By adding Qualys CSAM to VMDR, we gained the visibility to defend our cloud assets & continuously identify and protect new assets in our environment.”

Qualys Difference

Complete visibility of asset and software encompassing tagging and categorization across all environments—including real-time detection of newly added assets using the network passive sensor to satisfy compliance requirements
Automated asset discovery enhanced Mean Time to Detection (MTTD) by 200%, reducing business risk, expanding compliance capabilities, and optimizing the security team’s time.
Clearly measure, communicate, and eliminate risk from EoL/EoS operating systems and software 6-12 months in advance with Key Risk Indicator dashboards and SLA governance for tech debt mitigation
Automatically assign ServiceNow remediation tickets based on Qualys asset tags with 95% accuracy, decreasing mean-timeto- remediation by up to a month in some cases

Business Outcomes

Maintain continuous visibility of assets in the environment, allowing IDB Bank to stay secure as they explore digital advantages for the business

Proactively manage and eliminate tech debt while communicating risk to compliance officials and internal stakeholders

Bridge the IT-Security gap with automated data sharing and ticket assignments between Qualys and ServiceNow CMDB

It also allows us to stay ahead of EoL and EoS upgrades, with plans for next year’s updates already in place. The biggest win for us is CMDB sync, which allows us to automatically assign 90% of vulnerabilities to the correct teams and asset owners, saving us weeks of triage time.”