Qualys CyberSecurity Asset Management Expands to Detect Unauthorized Devices Across Hybrid Environments
- Groundbreaking functionality to identify unmanaged and untrusted devices in real-time
- Passive discovery method complements scans, agents, and API-based discovery
- Sixty-nine percent of organizations experienced cyberattacks due to unknown or unmanaged assets
- Qualys Cloud Agent empowers security teams to protect against threats within the internal network
- Average of 34% more unmanaged and untrusted assets identified by customers
- Complete internal attack surface coverage for IoT devices, unauthorized cloud instances, and previously missed network devices
- Proactive identification of unauthenticated, missing security agents, or untrusted devices in real-time
- None.
The announcement by Qualys Inc. regarding the expansion of its CyberSecurity Asset Management (CSAM) to include real-time identification of unmanaged and untrusted devices represents a significant advancement in cybersecurity asset management. The integration of passive sensing technology into the Qualys Cloud Agent allows for the continuous monitoring of network traffic, which is crucial for organizations to maintain an up-to-date asset inventory and to assess the TruRisk—a proprietary risk metric—of each asset. This development is particularly relevant as it addresses the 69% of organizations that have reported cyberattacks due to unknown or unmanaged assets.
From a cybersecurity perspective, the ability to detect risks from Internet of Things (IoT) devices and unauthorized cloud instances without additional overhead is a substantial step towards the implementation of a Zero Trust Security Architecture. This proactive identification of devices that are not authenticated or missing security agents strengthens cybersecurity defenses by closing gaps in asset visibility. Moreover, the enhancement of Configuration Management Database (CMDB) accuracy with automated asset discovery is an essential component for organizations to manage asset lifecycles effectively and mitigate cyber risks.
The strategic impact of Qualys' new functionality on IT infrastructure management is considerable. By leveraging existing Qualys Cloud Agents to perform passive network monitoring, the solution allows for the seamless integration of newly identified unmanaged and untrusted assets into vulnerability management programs. This integration aligns with the industry trend towards comprehensive internal and external attack surface management, as it enables organizations to have a more holistic view of their assets and potential vulnerabilities.
The reported average of 34% more unmanaged and untrusted assets being identified post-implementation underscores the effectiveness of this tool in uncovering hidden assets. This capability not only enhances the security posture but also facilitates compliance with various regulatory requirements by ensuring that all assets are accounted for and properly managed. The passive sensing technology also simplifies the process of maintaining asset inventories, which is often a complex and resource-intensive task for IT departments.
The introduction of real-time passive sensing by Qualys represents a pivotal innovation in the field of risk management. The ability to calculate the TruRisk of every asset provides organizations with a quantifiable metric to prioritize remediation actions based on business risk. This precision in risk assessment allows for more informed decision-making and resource allocation when addressing security vulnerabilities and compliance issues.
Furthermore, the capability to incorporate a comprehensive asset inventory, including previously unmanaged and untrusted devices, into a single platform streamlines the risk management process. It enables organizations to move towards a Zero Trust Security Architecture, which is increasingly being adopted as a fundamental framework for protecting against cyber threats. By proactively identifying and addressing potential risks as they arise, organizations can significantly reduce their attack surface and improve their overall security resilience.
Groundbreaking functionality enables millions of cloud agents to discover risky unmanaged devices in real time with one click
Sixty-nine percent of organizations said they experienced at least one cyberattack resulting from an exploit of an unknown or unmanaged asset such as software, cloud-based workloads, user accounts, and connected Internet of Things (IoT) devices. Staying on top of a changing attack surface requires constant vigilance. Qualys is tackling this critical issue by enriching its Cloud Agent to offer passive sensing, empowering security teams to protect against threats that originate within the internal network, without disrupting operations.
With this new capability, Qualys CyberSecurity Asset Management strengthens its position as the industry leader in combining internal and external attack surface management. By leveraging Qualys Cloud Agents to sniff network traffic, customers have identified an average of
"In navigating intricate enterprise landscapes, real-time visibility of the entire infrastructure is difficult, and at times, appears impossible," said Gary Bowen, director of Security Operations, Brown & Brown Insurance. "The Qualys Cloud Agent passive sensor has proven to be a game-changer, providing us with unparalleled visibility and immediate insights across our hybrid IT and OT domains, all without the complexities of identifying optimal locations for network taps. By helping to eradicate blind spots, this passive sensing capability empowers our security teams to identify and address potential risks the moment they arise, offering a comprehensive view of cyber risk across our entire attack surface."
Qualys CyberSecurity Asset Management with passive sensing provides organizations with:
- Complete Internal Attack Surface Coverage: Incorporates the final component of a comprehensive asset inventory to detect risk from IoT devices, unauthorized cloud instances and any network devices that may have been previously missed. By adding previously unmanaged and untrusted network device inventory, organizations can perform automated vulnerability management and compliance scans to identify vulnerabilities and misconfigurations, calculate TruRisk, and prioritize remediation actions based on business risk—all within a single platform.
- Lays the Foundation for Zero Trust Security Architecture: CyberSecurity Asset Management proactively identifies devices connected to the network that are not authenticated, missing security agents, or otherwise untrusted in real-time. This provides cyber risk assessment—without additional overhead, cost, or resource deployment.
- Turbocharges CMDB Accuracy and Coverage: Automatically add discovered assets to the configuration management database (CMDB), enabling IT with comprehensive visibility required to manage asset inventory lifecycle and remediate cyber risk.
"By adding passive discovery to Qualys' more than 100 million deployed Cloud Agents, we are providing organizations with a unique expansion of attack surface coverage that requires no additional overhead, cost, or resources to maintain," said Sumedh Thakar, president and CEO of Qualys. "Bringing significantly more visibility to unknown devices as part of their risk management programs, CISOs now have an ace-in-the-hole to defend against shadow IT; a huge step as organizations move toward a Zero Trust Security Architecture."
Availability
The Qualys Cloud Agent Passive Sensor is now available as part of Qualys CyberSecurity Asset Management app. To learn more, join our webinar or read our blog, "Identify and De-risk Unmanaged, Unauthorized Devices With Qualys CyberSecurity Asset Management (CSAM)."
Additional Resources
- Learn more about Qualys CyberSecurity Asset Management with passive sensing
- Explore the Qualys Enterprise TruRisk Platform
- Follow Qualys on LinkedIn and X (formerly Twitter)
About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.
The Qualys Enterprise TruRisk Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Oracle Cloud Infrastructure, Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com.
Qualys, Qualys VMDR®, Qualys TruRisk and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
Media Contact:
Rachel Winship
Qualys
Media@Qualys.com
1 According to Qualys data
View original content to download multimedia:https://www.prnewswire.com/news-releases/qualys-cybersecurity-asset-management-expands-to-detect-unauthorized-devices-across-hybrid-environments-302050239.html
SOURCE Qualys, Inc.
FAQ
What is the new functionality announced by Qualys Inc. (QLYS)?
How does the new capability complement existing methods?
What percentage of organizations experienced cyberattacks due to unknown or unmanaged assets?
How does the Qualys Cloud Agent empower security teams?
What percentage of more unmanaged and untrusted assets have customers identified?
What does the new capability provide in terms of attack surface coverage?
How does CyberSecurity Asset Management proactively identify devices connected to the network?
