Qualys Adds Risk Assessment to Cloud Security Platform
Qualys, Inc. today updated its vulnerability management, detection and response (VMDR) cloud service to include a risk assessment capability, called TruRisk, that enables cybersecurity teams to better prioritize their remediation efforts.
As part of that effort, Qualys VMDR 2.0 is now integrated with the Shodan search engine and includes an application that integrates the Qualys cloud service with the ServiceNow IT service management platform (ITSM).
Scott Clinton, vice president of product marketing for Qualys, said the TruRisk capability leverages Qualys agent software to better prioritize vulnerability remediation based on the unique attributes of each IT environment.
The company claimed TruRisk beta users within the Qualys VMDR 2.0 platform reduced by an average of 28% the number of critical vulnerabilities that needed to be immediately remediated. That number was based on a sample size of 2.6 million assets and 74 million detections.
The platform considers multiple factors including the Common Vulnerability Scoring System (CVSS) base score, exploit code maturity, active exploitation by malware or threat groups, real-time threat indicators, active exploitation and any mitigation or compensating controls applied on the system to generate a Qualys Detection Score (QDS), Clinton explained.
Risk scores are determined by analyzing more than 180,000 vulnerabilities from more than 25 different threat intelligence sources. Qualys also shares its risk prioritization algorithm with customers to enable cybersecurity teams to better explain to business and IT leaders which vulnerabilities were prioritized, said Clinton.
If an asset is protected from a vulnerability due to a compensating control, Clinton said the risk is then rated lower. Over time, IT teams can also customize how scores are generated based on their own assessments, said Clinton. A Qualys Query Language (QQL) also makes it possible to create a heat map of risk exposure to enable organizations to more easily measure the effectiveness of their cybersecurity efforts.
The overall goal is to reduce the amount of fatigue cybersecurity teams experience by enabling them to focus more of their time and effort on the vulnerabilities that are likely to have the most impact on the business, said Clinton. Once a vulnerability is determined to be critical a cybersecurity team can then invoke the automated patch management capabilities based on the QDS rating, he added.
The Qualys cloud service also makes it possible to create no-code workflows to automate manual tasks. Qualys reports beta customers of VMDR 2.0 were also able to reduce risk by an average of 23% by, for example, patching the top 15 vulnerabilities identified by The Cybersecurity and Infrastructure Security Agency (CISA) up to 60% faster than rival cybersecurity platforms.
Qualys is making a case for a software-as-a-service (SaaS) platform that can manage multiple cybersecurity tasks and that integrates with a single agent the company developed. That approach makes it more efficient to provide security services via the cloud in a way that is easier to consume, noted Clinton.
There is, of course, no shortage of cloud platforms for managing cybersecurity. The issue that cybersecurity teams need to resolve is determining which of those platforms reduces their stress level rather than increases it as vulnerabilities continue to be found..
