Qualys has announced it is integrating zero-touch patching capabilities into Qualys Patch Management. Zero-Touch Patch ensures that companies’ endpoints and servers are proactively updated as soon as patches are available, reducing their overall attack surface.
Most vulnerability remediation involves multiple teams and processes – first, a scanning tool identifies vulnerabilities, and then they are passed to the patching team for remediation. This is a pain point for organisations and leads to extra resources, costs and longer exposure times. A lack of alignment between vulnerability and patch processes and the manual efforts required for vulnerability remediation are among the key causes of delayed patching.
“Qualys Patch Management helps us quickly patch remote systems based on vulnerability-driven priorities without the need for a VPN,” said Surendra Nemani, Head, Security Engineering at Infosys. “What’s exciting about the new zero-touch capabilities is the support for third-party apps like Microsoft, Adobe and various browsers. The automation allows us to set up patching in advance, matching patch correlation to prioritized vulnerabilities without the need for the typical back and forth between security and IT teams. It has empowered our platform teams and improved our patch governance efforts. We chose Qualys Patch Management as it is natively integrated into Qualys VMDR and allows cross-platform remediation.”
Qualys Patch Management leverages the Qualys Cloud Platform and Cloud Agents to help IT and security teams quickly and efficiently remediate vulnerabilities and patch systems. New intelligent automation allows prioritization of vulnerabilities based on threat indicators such as ransomware, matching of prioritized vulnerabilities with known patches, and a zero-touch “set and forget” feature to proactively patch devices and applications per predefined policies – leading to increased productivity. For example, an organization can create a policy to keep Adobe Reader software always patched on all employee laptops.
The new capabilities enable organisations to reduce the risk from threats like ransomware, accelerate vulnerability SLA compliance and lower cost and complexity.
“With cyberattack volume growing exponentially, integrating automation into your cybersecurity arsenal has moved from a nice to have to a must have,” said Sumedh Thakar, President and CEO of Qualys. “As organisations implement zero-trust security frameworks, the ability to automate patching so they can better trust assets becomes a foundational aspect of their cyber defense strategy.”
Qualys Zero-Touch Patch will be available in October as part of Qualys Patch Management app.
