Cloud Platform
Solutions
Cloud Platform Apps
Customers
Partners
Community
Support
Company
Login
Contact us
Try it
2023 Qualys TruRisk Research Report - Download Your Copy Now

Qualys Threat Protection Solutions

Actionable threat intelligence and proactive cybersecurity backed by the power of the Qualys Cloud Platform

Sodexo

Qualys not only highlights and ranks the vulnerabilities, but also makes precise recommendations for how best to remediate them - a critical advantage for teams in smaller business units that may have limited IT security resources.

John Bruylant Group CTO at Sodexo

What is Threat Intelligence?

Qualys Multi-Vector EDR and Context XDR leverage the Qualys Cloud Platform and empower organizations with hyper-accurate threat detection and real-time prevention of identity-based attacks combining the power of advanced AI, behavioral analytics and a flexible policy engine to enforce risk-based conditional access.

Get the eBook

Threat Features

Qualys Threat Protection Solutions

Threat Highlights

  • Robust data analysis

    Qualys Threat Protection’s search engine lets you look for specific assets and vulnerabilities and IT asset inventory, leveraging Qualys Cloud Platform’s robust back-end engine to automate this large-scale and intensive data analysis process. With thousands of new vulnerabilities disclosed annually, you’ll always know which ones pose the greatest risk to your organization at any given time.

  • Live Threat Intelligence Feed

    As Qualys engineers continuously analyze and rate new threats from internal and external sources, Threat Protection’s Live Threat Intelligence Feed displays the latest vulnerability disclosures and maps them to your impacted IT assets. You can see the number of assets affected by each threat and drill down to asset details.

  • Centralized control and visualization panel

    A single dynamic dashboard includes customizable views, graphs and charts giving you a clear and comprehensive real-time view of your threat landscape at a glance. You can create multiple dashboard views and organize vulnerabilities by real-time threat indicator (RTI) types, such as zero-day exploits.

  • Powerful search function

    Qualys Threat Protection’s search engine lets you look for specific assets and vulnerabilities by crafting ad hoc queries with multiple variables and criteria. You can sort, filter, drill down and fine-tune results. Queries can be saved and turned into dashboard widgets that can display trend graphs for up to 90 days.

Qualys Threat Protection: Summary view | Qualys

Mesh your IT asset inventory data with threat

Qualys’ threat protection solutions continually correlate external threat data with vulnerability gaps in your IT environment, so your remediation priority decisions are rooted in concrete, up-to-date, applicable data—not in guesswork or arbitrary schedules. That way, you stay a step ahead of hacks and attacks, patching bugs before the bad guys exploit them.

  • Leverage the comprehensive IT asset catalog of Qualys asset inventory capabilities and Qualys VMDR’s Six Sigma vulnerability detection accuracy

  • Prioritize remediation with precision and flexibility in a continual, contextual and automated manner, so the constant stream of new bug disclosures doesn’t overwhelm your time or resources

  • Connect the dots and flag at-risk IT assets wherever they reside—on premises, in cloud environments or at mobile endpoints

  • Improve the efficiency of DevOps teams by bringing threat prioritization clarity into the application development and deployment lifecycle via integrations with CMDB and CI/CD tools

  • Deliver a dynamic snapshot of all existing vulnerabilities in your IT environment at any point in time

  • Achieve actionable intelligence, enabling you to assess criticality of certain threat scenarios in your organization’s unique business environment

Qualys Threat Protection: Summary view | Qualys
Qualys Threat Protection: Asset view | Qualys

Look for specific IT assets and vulnerabilities

Qualys Threat Protection’s search engine provides a powerful tool to look for specific assets and vulnerabilities. You can quickly and proactively identify systems across your entire IT environment that are exposed to specific threats, and then take remediation action right away. The search syntax is intuitive with a query auto-complete feature. Threat Protection’s search engine lets you:

  • Craft ad hoc queries with multiple variables and criteria such as asset class, vulnerability type, RTI, tag, and operating system; for example, search all vulnerabilities that have a severity rating of 5, are easy to exploit and were disclosed within the last five days

  • Sort, filter and refine search results

  • Save any search, download results and share them

  • Turn queries you run regularly into permanent dashboard widgets that are dynamically updated in real time

Qualys Threat Protection: Asset view | Qualys
Qualys Threat Protection: LIve Feed view | Qualys

See a live feed of vulnerability disclosures

Qualys Threat Protection’s Live Threat Intelligence Feed keeps organizations up-to-date on the latest vulnerabilities and news, so your cybersecurity team remains informed about new disclosures and existing bugs with rising risk severity. The Live Threat Intelligence Feed:

  • Manages the flood of new vulnerability disclosures, so you’re aware of the latest threats exploited in the wild

  • Displays how many IT assets are impacted by each disclosure, thanks to the solution’s powerful data correlation capabilities

  • Segments its content into different columns, including high-rated” items that Qualys flags as well as your handpicked favorites pinned to the feed’s UI

  • Drills down on feed entries for further details and more granular information on a particular vulnerability and affected IT assets

  • Allows fine-tuning to narrow down the feed list by filtering and sorting items according to a variety of criteria for downloading by remediation teams

Qualys Threat Protection: LIve Feed view | Qualys
Qualys Threat Protection: Widget wizard | Qualys

Identify and weigh characteristics that intensify a vulnerability’s danger

Qualys Threat Protection appends real-time threat indicators (RTIs) to vulnerabilities, tapping findings from Qualys and external sources. Combining this threat intelligence with internal criteria (such as asset role) helps you prioritize remediation. For example, you can review all RTIs for vulnerabilities on a host, and then drill down to specific vulnerabilities behind an RTI. Threat Protection RTIs include:

  • ZERO DAY – Vulnerabilities for which there is no vendor patch available and an active attack has been observed in the wild

  • PUBLIC EXPLOIT – Vulnerabilities whose exploit knowledge is well known and for which exploit code exists and is publicly available

  • ACTIVELY ATTACKED – Vulnerabilities that are being actively attacked in the wild

  • HIGH LATERAL MOVEMENT – Vulnerabilities that, if compromised, let the attacker propagate the attack broadly across the breached network

  • EASY EXPLOIT – Vulnerabilities that can be exploited easily, requiring few skills and little knowledge

  • HIGH DATA LOSS – Vulnerabilities whose exploitation will result in massive data loss

  • DENIAL OF SERVICE – Vulnerabilities whose payload could overload or crash the compromised systems so that they become permanently or temporarily unavailable

  • NO PATCH – Vulnerabilities for which there isn’t a fix from the vendor

  • MALWARE – Vulnerabilities associated with malware infection

  • EXPLOIT KIT – Vulnerabilities for which an exploit kit is available

Qualys Threat Protection: Widget wizard | Qualys
Qualys Threat Protection: Dashboard view | Qualys

Centrally control and visualize the threat prioritization process

Customizable dashboards with dynamic widgets help you see your threat landscape in a holistic, consolidated way. You can drill down on the data, mine it for patterns, aggregate it in custom reports and represent it graphically. This visualization and analysis yield deep insights for patch prioritization. The custom dashboard:

  • Includes a view of the live feed, as well as a variety of widgets based on RTIs, in the default dashboard setup

  • Allows you to create customized dashboards tailored for different IT and business roles

  • Delivers easy access to more information about the assets flagged as vulnerable with a single click

  • Supports creation of dashboard widgets manually or from any search query

  • Sets specific thresholds for widget data and triggers certain actions in response, such as changing the widget’s background color from green to red

  • Sends notifications when used in conjunction with Qualys Continuous Monitoring

  • Generates reports that can quickly and easily be shared across the IT department with those responsible for patching the affected systems

  • Displays trend indicators in widgets, showing data fluctuations over time

Qualys Threat Protection: Dashboard view | Qualys

Powered by Qualys Cloud Platform

Single-pane-of-glass UI

See the results in one place, in seconds. With AssetView, security and compliance pros and managers get a complete and continuously updated view of all IT assets — from a single dashboard interface. Its fully customizable and lets you see the big picture, drill down into details, and generate reports for teammates and auditors. Its intuitive and easy-to-build dynamic dashboards to aggregate and correlate all of your IT security and compliance data in one place from all the various Qualys Cloud Apps. With its powerful elastic search clusters, you can now search for any asset – on-premises, endpoints and all clouds – with 2-second visibility.

Centralized & customized

Centralize discovery of host assets for multiple types of assessments. Organize host asset groups to match the structure of your business. Keep security data private with our end-to-end encryption and strong access controls. You can centrally manage users’ access to their Qualys accounts through your enterprise’s single sign-on (SSO). Qualys supports SAML 2.0-based identity service providers.

Easy deployment

Deploy from a public or private cloud — fully managed by Qualys. With Qualys, there are no servers to provision, software to install, or databases to maintain. You always have the latest Qualys features available through your browser, without setting up special client software or VPN connections.

Scalable and extensible

Scale up globally, on demand. Integrate with other systems via extensible XML-based APIs. You can use Qualys with a broad range of security and compliance systems, such as GRC, ticketing systems, SIEM, ERM, and IDS.

Learn more about Qualys Cloud Platform

See for yourself. Try Qualys for free.

Start your free trial today. No software to download or install. Email us or call us at 1 (800) 745-4355.

Try it free