Qualys introduces TotalCloud with FlexScan delivering cloud-native VMDR

News Desk -

Share

Qualys, Inc., a provider of disruptive cloud-based IT, security, and compliance solutions, has announced TotalCloud with FlexScan, which delivers cloud-native VMDR with Six Sigma Accuracy via agent and agent-less scanning for comprehensive coverage of cloud-native posture management and workload security across multi-cloud and hybrid environments.

As on-premises infrastructure and business applications migrate to the cloud, security teams struggle to manage cyber risk across cloud workloads, services, resources, users, and applications. Furthermore, teams must contend with a slew of industry acronym-driven point solutions that provide a fragmented view of risk without context. This method raises security costs and complexity while making cloud applications vulnerable to attacks.

“Qualys is enhancing its widely used platform to deliver visibility, context, speed, automation, and orchestration in a comprehensive solution to help organizations scale their security and compliance programs for modern software development,” said Melinda Marks, senior analyst at ESG. “Qualys TotalCloud incorporates security into development workflows, enabling them to release secure, reliable code while giving security teams the control and visibility they need to manage risk by reducing their attack exposure and rapidly responding to threats.” 

“As a finance organization, we need a continuous view of the security and compliance posture across our cloud applications, with clear insights into risk,” said Prabhuram Rajarathinam, CISO at Cholamandalam Investment and Finance Company. “Qualys TotalCloud with FlexScan will enable our cloud security and DevOps teams to use the multiple assessments to further strengthen the security of our cloud applications.” 

Qualys TotalCloud, which has already secured over 31 million workloads, extends the industry-leading accuracy of VMDR with cloud-native FlexScan assessments to unify Cloud Posture Management and Cloud Workload Security in a single view with risk insights. TotalCloud uses an easy-to-use drag-and-drop workflow engine to automate inventory, assessment, prioritization, and risk remediation for continuous and zero-touch security from code to production cloud applications.

Qualys FlexScan

FlexScan, a comprehensive cloud-native assessment solution from Qualys TotalCloud, enables organizations to combine multiple cloud scanning options for the most accurate security assessment of their cloud environment.

Security teams will have multiple hybrid assessment capabilities to secure the entire cloud attack surface including:

  • Zero-touch, agent-less, cloud service provider API-based scanning for fast analysis.
  • Virtual appliance-based scanning to assess unknown workloads over the network for open ports and remotely exploitable vulnerability detection. 
  • Snapshot assessment that mounts the workload snapshot for periodic offline scanning including vulnerabilities and OSS scanning.
  • Qualys Cloud Agents in the workload for comprehensive, real-time vulnerability, configuration and security assessment.

Qualys TotalCloud provides security teams with:

Immediate multi-cloud posture insights ​— In minutes, the unified cloud posture dashboard provides inventory, security, and compliance posture insights across multi-cloud environments. With additional context on workload vulnerability and security posture, teams can quickly identify and prioritize the misconfigurations that pose the greatest risk.

Unified security view to prioritize cloud risk with TruRisk ​— The console provides a unified view of cloud security insights across cloud workloads, services, and resources. Qualys TruRisk also quantifies security risk based on workload criticality and vulnerability detections, and correlates it with ransomware, malware, and exploitation threat intelligence to prioritize, trace, and reduce risk.

Fast remediation with no code, drag-and-drop workflows ​— The integration of QFlow technology into TotalCloud saves security and DevOps teams valuable time and resources. Automation and no-code, drag-and-drop workflows help simplify the time-consuming operational tasks of assessing vulnerabilities on ephemeral cloud assets, alerting on high-profile threats, remediating misconfigurations, and quarantining high-risk assets.

Shift-left security to catch issues early ​— TotalCloud provides shift-left security integrated into developers existing CI/CD tools to continuously assess cloud workloads, containers and Infrastructure as Code (IaC) artifacts. This allows for the rapid identification of security exposures and remediation steps during the development, build and pre-deployment stages while providing support for the major cloud providers including AWS, Azure and Google Cloud.

“Cloud security is getting very fragmented with too many point solutions, which brings more complexity,” said Sumedh Thakar, president and CEO of Qualys. “Our customers want seamless, comprehensive insight into cyber risk across their multi-cloud and non-cloud assets. With our innovative TotalCloud offering, we bring flexible, high-quality cloud-native risk assessment to our customer base as they look to expand into the cloud with Qualys.” 

Availability  

Qualys TotalCloud is currently in preview. It will be generally available by the end of the year. To request a free trial, visit Qualys.com/totalcloud-trial. 


Leave a reply