Qualys, Inc., a provider of disruptive cloud-based IT, security, and compliance solutions, today unveiled Qualys Custom Assessment and Remediation, allowing security architects to access custom scripts that can be natively integrated with other Qualys solutions via its Cloud Platform. This new solution significantly reduces response time by empowering security teams to orchestrate workflows, secure custom applications, and respond immediately to threats such as zero-day attacks, reducing the need to rely on IT operations teams.
When threats strike, security teams must act quickly to detect, assess, and remediate both third-party and custom applications. A typical response entails security teams developing new out-of-band processes and custom scripts that must be rolled out across hundreds or thousands of applications and endpoints using a variety of techniques and ITSM tools. This approach creates a blind spot in terms of auditing and tracking and has a negative impact on responsiveness.
“Reducing mean time to respond (MTTR) is the key metric for managing security risk, but it requires having the right security tools in place to optimize efficiency,” said Melinda Marks, senior analyst at Enterprise Strategy Group. “Qualys Custom Assessment and Remediation leverages the comprehensive capabilities of the Qualys Cloud Platform to speed up your ability to respond to a detected security issue. It provides centralized control while helping teams remediate issues within their existing tools and workflows, saving them from inefficient, costly out-of-band rework cycles.”
Qualys Custom Assessment and Remediation gives security architects access to the Qualys Platform, allowing them to create custom scripts in popular scripting languages, user-defined controls, and automation, all of which can be seamlessly integrated within existing programs to quickly assess, respond, and remediate threats across your global hybrid environment.
“Security teams struggle to manage and respond to a range of challenges that often require custom approaches,” said Nagi Prabhu, chief product officer, Qualys. “By opening the Qualys Platform, we put security teams in the driver’s seat. Qualys Custom Assessment and Remediation enables the creation of custom scripts and controls that are seamlessly integrated into existing security processes and workflows while extending the capabilities of the Cloud Agent so organizations can respond to threats such as Zero-Days immediately.”
Qualys Custom Assessment and Remediation enables security teams to:
Quickly Address Zero-Day Threats – The solution puts the power to rapidly respond to zero-day vulnerabilities directly in the hands of the security team by automating processes such as collecting and evaluating data, synthesizing third-party threat intelligence feeds, and performing appropriate remediation actions, such as configuration changes, deleting suspicious files or deploying registry changes. The result is an accelerated MTTR, which is critical to containing an attack.
Secure and Audit Custom Applications – Security teams can add customized controls and processes, without IT intervention, for various organizational activities including remediation actions eliminating the need to reinvent new scripts. This improves efficiency and allows security practitioners time to focus on more strategic activities.
Tightly Integrate into Qualys VMDR Workflows – Scripts are seamlessly integrated into existing VMDR workflows via assignment of custom Qualys IDs and Control IDs, which increases efficiency.
Access a Centralized Library for Custom Scripts and Controls – The solution provides centralized control over custom scripts easily mapped into workflows, and it is secured by role-based access control (RBAC) as well as review and approval processes. Additionally, deployment of scripts is simplified by using a centrally managed and customizable library of more than 50 popular reusable scripts to address common problems.