Qualys has unveiled CyberSecurity Asset Management (CSAM), built on the Qualys Cloud Platform, to inventory the complete IT ecosystem, detect security gaps and respond to the risk, all from a unified platform.
Over the past year, organisations have rapidly accelerated their digital transformation by leveraging technologies such as cloud and container that support the shift to IoT and a remote workforce. This digital shift calls for a new approach to asset visibility since traditional asset administration responsibilities like inventory, software support and license oversight are the purview of IT and addressed with IT inventory-focused tools. Security teams need to monitor IT asset health from a cybersecurity perspective by detecting security tool blind spots and responding to exposures quickly.
“As an organisation focused on Security Operations, we believe that ‘you can’t protect what you don’t understand,’ with understand being the key word. Hence, asset management in the security operations context isn’t just ‘seeing’ an asset; it is having the right ‘risk’ context of each and every software, hardware and IoT asset at our fingertips,” said Jatinder Pal Singh, Director of Security Operations at Informatica. “Our SOC asset management leverages the Qualys CyberSecurity Asset Management app to not only provide the visibility we need, but it goes a step further and assesses every asset’s security risk, enabling our SOC to not only get relevant alerts but enable the IR analyst to take appropriate and timely actions.”
CyberSecurity Asset Management is an all-in-one solution that leverages the power of the Qualys Cloud Platform with its multiple native sensors and CMDB synchronisation to continuously inventory known and unknown assets, discover installed applications, and overlay business and risk context to establish asset criticality. It identifies unauthorised or end-of-life and end-of-service software, the absence of required security tools, and assesses the health of the attack surface. Further, CSAM enables response options with threat alerts and software removal and delivers regulatory reporting in support of FedRAMP, PCI-DSS and other mandates.
Qualys CSAM is purpose-built for security teams. It is supported by the same Qualys sensors and multi-function cloud agent used for vulnerability management, patching, compliance, file integrity monitoring and endpoint detection and response. CSAM enables organisations to build a comprehensive up-to-date asset inventory; sync with CMDB and assign risk profile; detect and monitor security gaps and alert, report and respond.
“We’ve built upon our popular free Global AssetView app, which provides customers with insights on millions of devices, to reimagine asset management for security teams, so they have a clear picture of the security context of assets,” said Sumedh Thakar, President and CEO of Qualys. “CSAM uses telemetry from multiple sensors including the Qualys Cloud Agent to bring security teams the automation they need to identify and manage the gaps in their IT asset inventory.”
Qualys Cybersecurity Asset Management will be available in June.
