Qualys, Inc., a provider of innovative cloud-based IT, security, and compliance solutions, has introduced TotalCloud 2.0, a significant upgrade to its AI-powered cloud-native application protection platform (CNAPP). This latest version marks the integration of TruRisk Insights, enabling organizations to measure, communicate, and mitigate cyber risks across cloud and Software as a Service (SaaS) applications.
As enterprises increasingly embrace multi-cloud and SaaS infrastructures for agility and innovation, they face escalating security complexities. This has resulted in the adoption of multiple security tools, often providing conflicting risk assessments. Managing these diverse risks across fragmented environments poses challenges in effective risk prioritization and remediation.
TotalCloud 2.0 with TruRisk Insights offers a unified platform for consolidating cloud data across multi-cloud environments, providing comprehensive visibility and context for efficient risk mitigation. By correlating data from various Qualys sources such as Cloud Workload Protection (CWP), Cloud Security Posture Management (CSPM), and Cloud Detection and Response (CDR), alongside SaaS and infrastructure posture, organizations can swiftly address critical threats.
Rodrigo Herrera Villalón, head of application security at Banco BCI, emphasized the significance of TotalCloud in securing their cloud environment by providing insights into risk exposure and facilitating rapid identification and mitigation of critical issues.
Key features of TotalCloud 2.0 include:
– TruRisk Insights: Offers a singular, prioritized view of cloud risk by analyzing anonymized customer data to identify high-risk assets. By eliminating 99% of non-critical workloads, organizations can focus on addressing the most pressing security concerns promptly.
– Comprehensive Protection for SaaS Applications: TotalCloud integrates SaaS Security Posture Management (SSPM), ensuring seamless integration of security configurations and permissions for critical SaaS applications such as Microsoft 365, Zoom, Slack, and Google Workspace, enhancing overall security posture.
– Supply Chain Risk Mitigation: Conducts comprehensive scans of open-source software across various compute workloads, including containers, to identify vulnerabilities and mitigate supply chain risks.
– Operationalized Risk Reduction: Streamlines operations by integrating with IT Service Management (ITSM) tools like ServiceNow and JIRA, enabling automated ticket assignment and orchestration of remediation efforts to accelerate risk reduction.
Sumedh Thakar, president and CEO of Qualys, emphasized TotalCloud 2.0’s role in providing a clear, prioritized view of risk across multi-cloud and SaaS environments, facilitating swift resolution of critical issues and reducing organizational risk effectively.