Qualys Brings External Attack Surface Management (EASM) to the Qualys Cloud Platform

New features in CyberSecurity Asset Management 2.0 enable security and IT teams to continuously discover unknown assets accessible on the Internet and automatically assess their level of risk

FOSTER CITY, Calif., August 3, 2022 /PRNewswire/ — Qualys, Inc.. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based IT, security and compliance solutions, today announced the addition of External Attack Surface Management (EASM) capabilities to the Qualys cloud platform. Integrated with CyberSecurity Asset Management 2.0, the new component adds the external attacker view to identify previously unknown internet assets to get a complete and accurate picture of the enterprise attack surface.

Digital transformation, increased cloud and Internet of Things (IoT) adoption, a growing remote workforce, and a shortage of technology talent have resulted in an exponential increase in the attack surface for organizations. This expansion makes it harder for security teams to correlate externally visible and internally managed assets and manage compromises that occur due to undiscovered, unmanaged, or mismanaged IT assets. Organizations need a new approach to see vulnerable assets from the outside in and act like an attacker to quickly identify areas at risk.

“Organizations should proactively manage their cyber defenses, which includes finding and resolving vulnerabilities to reduce cyber risk,” said Michael Abraham, Research Director, Security and Trust at IDC. “Qualys’ unique approach to EASM integrates CyberSecurity Attack Management’s internal and external asset data with its Vulnerability Management, Detection and Response (VMDR) solution into a single view. As a result, Organizations can better identify undiscovered assets and immediately access and mitigate cyber risk within a single workflow.”

“Qualys CyberSecurity Asset Management provides invaluable insight into the attack surface from an external attacker’s perspective,” said Mike Orosz, vice president of information and product security at Vertiv. “This view allows us to proactively augment our vulnerability management program by uncovering risks presented by previously unknown internet-connected devices. Additionally, automated workflows allow us to prioritize engineering actions solutions that will reduce cyber risk and rapidly improve the security of our business.”

Qualys CyberSecurity Asset Management 2.0 with EASM enables enterprises to continuously monitor and mitigate the entire enterprise attack surface, including internal and internet-connected assets, and uncover previously unidentified exposures. It also helps to sync with CMDBs, detect security vulnerabilities such as rogue or end-of-support software, open ports, remotely exploitable vulnerabilities, digital certificate issues, unauthorized applications and domains. authorized, and to mitigate the risks by taking the appropriate measures.

Qualys CyberSecurity Asset Management with EASM enables security and IT teams to:

Discover gaps across the entire attack surface – From a single cloud platform, the solution continuously discovers and accurately classifies internal and external resources accessible on the Internet. It automatically finds your affiliates, performs horizontal and vertical enumeration of domains and subdomains, correlates WHOIS and DNS records, and assigns assets to your organization.

Get a reliable and accurate view by aligning security and IT operations – Augment uncertain and stale data in your CMDB with CyberSecurity Asset Management. Teams can capture unmanaged assets and get a single source of truth for internet-accessible assets, along with location and context, with automatic synchronization with enterprise CMDBs and vulnerability management to streamline continuous attack surface monitoring and response.

Quickly remediate risks with native VMDR 2.0 integration – CyberSecurity Asset Management 2.0 and Qualys VMDR 2.0 improve cybersecurity program posture with TruRisk scoring and automated, one-click orchestration of vulnerability and remediation workflows to convert Internet-connected assets into fully managed and remediated assets.

“Achieving complete asset visibility remains one of the most elusive goals in cybersecurity,” said Sumed Thakar, Chairman and CEO of Qualys. “CyberSecurity Asset Management 2.0 solves this problem by providing both a holistic, external attacker-level and internal view of the attack surface to comprehensively address the growing threat landscape. To go even further in protection, we’ve natively integrated the solution with Qualys VMDR so organizations can prioritize vulnerabilities and asset groups based on risk and proactively remediate them to quickly reduce exposure.”

Qualys CyberSecurity Asset Management 2.0 with EASM is currently in preview and available to existing customers. It will generally be available in mid-September. To request a free trial, visit qualys.com/csam-trial. Learn more by reading our Blogor attend our online seminar on September 14.

Additional Resources

About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security, compliance and disruptive IT solutions with more than 10,000 subscribed customers worldwide, including the majority of the Forbes Global 100 and Fortune 100. Qualys helps companies streamline and automate their security and compliance solutions on a single platform for greater agility, better business results and substantial cost savings.

Qualys Cloud Platform leverages a single agent to continuously deliver critical security information while enabling enterprises to automate all vulnerability detection, compliance and protection of IT systems, workloads work and web applications on-premises, on endpoints, servers, and public and private clouds. , containers and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has forged strategic partnerships and seamlessly integrates its vulnerability management capabilities into the security offerings of cloud service providers including Amazon Web Services, Google Cloud Platform and Microsoft Azure, as well as a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com.

Qualys, Qualys VMDR® and the Qualys logo are registered trademarks of Qualys, Inc. All other product or names may be trademarks of their respective companies.

Media Contact:
Jackie Duton
[email protected]


Show original content to download multimedia:https://www.prnewswire.com/news-releases/qualys-brings-external-attack-surface-management-easm-to-the-qualys-cloud-platform-301598646.html

SOURCE Qualys, Inc.

Shirlene J. Manley