Vulnerability management is a critical component of risk management as attackers are always looking for new vulnerabilities to exploit and take advantage of them which may have gone unnoticed. Several Vulnerability management tools are available in the market which help in continuous monitoring and identifying vulnerabilities well in advance helps to secure organizations in a proactive manner.
Today we will learn about a vulnerability scanner ‘Qualys’ which is quite a popular and preferred choice for organizations on vulnerability management, its features , use cases etc.
About Qualys Scanner
Qualys offers vulnerability management as a Software as a service product. Vulnerability management and scanning products are deployed as software as a service (SaaS) or pre configured private cloud appliances by service providers. It scans network perimeter, virtual machines and cloud services based on preconfigured or customized policies to identify and prioritize fixing vulnerabilities. Virtual appliances are available for VMware, Hyper-V and Amazon Elastic compute cloud.
- Qualys scanner solution lets discover, assess, and patch critical vulnerabilities in real time and across hybrid global IT landscapes.
- It helps to identify and categorize all known and unknown assets , detect, and analyse vulnerabilities and misconfigurations , prioritize automated remediation and patch deployment.
- It enables auto discovery and categorizes known and unknown assets and creates automated workflows to manage them. Users can query assets and its attributes to have more visibility into hardware, system configuration, applications, services , network information and many more.
- It automatically detects vulnerabilities and critical misconfigurations across the widest range of devices, operating systems, and applications.
- It gives real time threat intelligence and a machine learning model to automatically prioritize vulnerabilities with indicators such as exploitable , actively attacked, and high lateral movement.
- It assigns business impact to each asset like devices which are mission critical applications, public facing, accessible over internet etc.
- Policy based automated patching helps to deploy superseding patches.
Features of ‘Qualys Scanner’
- Asset categorization and normalization
- Creation of interactive network map to show perimeter and internal devices
- Zero-day threat analysis and alerts
- Remediation prioritization by assigning business impact to each asset
- Continuous monitoring of perimeter for unexpected changes
- Dynamic tagging of assets to automatically categorize hosts by attributes like network address, open ports , OS, software installed, and vulnerabilities detected
- Track vulnerabilities over time
- Monitoring of certificates deployed throughout the network
- Automatic generation of remediation tickets whenever vulnerabilities are detected
- Consolidated report of hosts require patching
- Integration with 3rd party ticket systems
- Scalable and extensible