Vulnerability Management

Vulnerability Management

 

Continuously detect and protect against attacks, anytime, anywhere.

 

The industry's most advanced, scalable and extensible solution for vulnerability management.

 

2017 Global Vulnerability Management Market Leadership Award

“Qualys continues to lead the market with new network coverage and security solutions that leverage its cloud-based platform for scalability, automation, and ease of use.”

 

Highlights

Agent-based detection

 

In addition to our scanners, VM also works with the groundbreaking Qualys Cloud Agents, extending its network coverage to assets that can’t be scanned. The lightweight, all-purpose, self-updating agents reside on the assets they monitor— no scan windows, credentials, or firewall changes needed. Vulnerabilities are found faster, and network impact is minimal.

 

Constant monitoring and alerts

 

When VM is paired with Continuous Monitoring (CM), InfoSec teams are proactively alerted about potential threats so problems can be tackled before turning into breaches. You can tailor alerts and be notified about general changes or specific circumstances. CM gives you a hacker’s-eye view of your perimeter, acting as your cloud sentinel.

 

Comprehensive coverage and visibility

 

Qualys VM continuously scans and identifies vulnerabilities with Six Sigma (99.99966%) accuracy, protecting your IT assets on premises, in the cloud and mobile endpoints. Its executive dashboard displays an overview of your security posture and access to remediation details. VM generates custom, role-based reports for multiple stakeholders, including automatic security documentation for compliance auditors.

VM for the perimeter-less world

 

As enterprises adopt cloud computing, mobility, and other disruptive technologies for digital transformation, Qualys VM offers next-generation vulnerability management for these hybrid IT environments whose traditional boundaries have been blurred. With its fast deployment, low TCO, unparalleled accuracy, robust scalability, and extensibility, Qualys VM is relied upon by thousands of organizations throughout the world.

 

Discover forgotten devices and organize your host assets

 

With Qualys, you can quickly determine what’s actually running in the different parts of your network—from your perimeter and corporate network to virtualized machines and cloud services such as Amazon EC2. Uncover unexpected access points, web servers and other devices that can leave your network open to attack.

• Visually map your network with our graphical host map
• Prioritize your remediation by assigning a business impact to each asset
• Identify which OS, ports, services and certificates are on each device on your network
• Organize hosts to match the structure of your business—e.g., by location, region, and company department
• Control which hosts can be scanned by which users
• Continuously monitor your perimeter for unexpected changes with our optional Continuous Monitoring service
• Dynamically tag assets to automatically categorize hosts by attributes like network address, open ports, OS, software installed, and vulnerabilities found

 

Scan for vulnerabilities everywhere, accurately and efficiently

 

Scan systems anywhere from the same console: your perimeter, your internal network, and cloud environments (such as Amazon EC2). Since Qualys separates scanning from reporting, you can scan deeply and then create custom reports showing each audience just the level of detail it needs to see.

• Select target hosts by IP address, asset group or asset tag
• Scan manually, on a schedule, or continuously
• Scan behind your firewall securely with Scanner Appliances, remotely managed by Qualys 24/7/365
• Scan complex internal networks, even with overlapping private IP address spaces
• Securely use authentication credentials to log in to each host, database or web server
• Scan in Amazon EC2 without filling out request forms—Qualys is pre-approved
• Save time with our Six Sigma accuracy rate—no more chasing after false positives
• Store configuration information offsite with secure audit trails

Identify and prioritize risks

 

Using Qualys, you can identify the highest business risks using trend analysis, Zero-Day and Patch impact predictions.

• Track vulnerabilities over time: as they appear, are fixed, or reappear
• Monitor certificates deployed throughout your network—see what’s about to expire, which hosts they are used on, what their key size is, and whether or not they are associated with any vulnerabilities
• Put critical issues into context with the Qualys’ industry-leading, constantly updated Knowledge Base
• See which hosts need updates after Patch Tuesday every month
• Examine your network’s vulnerabilities over time, at different levels of detail, instead of just single snapshots
• Predict which hosts are at risk for Zero-Day Attacks with the optional Qualys Zero-Day Risk Analyzer

 

Remediate vulnerabilities

 

Qualys’ ability to track vulnerability data across hosts and time lets you use reports interactively to better understand the security of your network. Use a library of built-in reports, change what’s shown or choose different sets of assets — all without having to rescan. Reports can be generated on demand or scheduled automatically and then shared with the appropriate recipients online, in PDF or CSV.

• Automatically generate and assign remediation tickets whenever vulnerabilities are found
• Get consolidated reports of which hosts need which patches
• Integrate with third-party IT ticketing systems
• Manage exceptions when a vulnerability might be riskier to fix than to leave alone
• Exceptions can be set to automatically expire after a period of time for later review

 

Custom reports anytime, anywhere — without rescanning

 

Qualys’ ability to track vulnerability data across hosts and time lets you use reports interactively to better understand the security of your network. Use a library of built-in reports, change what’s shown or choose different sets of assets — all without having to rescan. Reports can be generated on demand or scheduled automatically and then shared with the appropriate recipients online, in PDF or CSV.

• Create different reports for different audiences—from scorecards for executives, to detailed drill-downs for IT teams
• Document that policies are followed & lapses get fixed
• Provide context & insight about each vulnerability, including trends, predictions, and potential solutions
• Track ongoing progress against vulnerability management objectives
• Share up-to-the-minute data with GRC systems & other enterprise applications via XML-based APIs

Powered by the Qualys Cloud Platform

 

 

Single-pane-of-glass UI

See the results in one place, in seconds. With AssetView, security and compliance pros and managers get a complete and continuously updated view of all of their IT assets — from a single dashboard interface. Its fully customizable and lets you see the big picture, drill down into details, and generate reports for teammates and auditors. Its intuitive and easy-to-build dynamic dashboards aggregate and correlate all of your IT security and compliance data in one place from all the various Qualys Cloud Apps. With its powerful elastic search clusters, you can now search for any asset – on-premises, endpoints and all clouds – with 2-second visibility.

 

Centralized & customized

Centralize discovery of host assets for multiple types of assessments. Organize host asset groups to match the structure of your business. Keep security data private with our end-to-end encryption & strong access controls. You can centrally manage users’ access to their Qualys accounts through your enterprise single sign-on (SSO). Qualys supports SAML 2.0-based identity service providers.

 

Easy deployment

Deploy from a public or private cloud — fully managed by Qualys. With Qualys, there are no servers to provision, no software to install, and no databases to maintain. You always have the latest Qualys features available through your browser, without setting up special client software or VPN connections.

 

Scalable and extensible

Scale up globally, on demand. Integrate with other systems via extensible XML-based APIs. You can use Qualys with a broad range of security and compliance systems, such as GRC, ticketing systems, SIEM, ERM, and IDS.