Qualys has announced the immediate availability of its VMDR — Vulnerability Management, Detection and Response. VMDR provides an all-in-one, cloud-based app that automates the entire vulnerability management cycle, significantly accelerating the ability for companies to respond to threats, and prevent breaches while drastically reducing licensing and operating cost.
“For many organisations, today’s vulnerability management programs involve different teams, using multiple point solutions that often create more problems than they solve, including integration challenges, false positives, and most importantly, critical delays in the patching or mitigation process,” said Philippe Courtot, chairman and CEO of Qualys. “We are proud to bring our VMDR offering to market to address these challenges. It is the culmination of many years of effort to make vulnerability management an end-to-end solution that cuts across the entire hybrid environment and one that is real-time, accurate, easy to deploy and operate.”
“What sets VMDR apart from other offerings on the market is that it unifies the entire IT and security workflow into a single cloud application to identify any device that connects to the network in real-time. From there, it allows users to create and easily maintain an always up-to-date global IT asset inventory and asset groups, detect vulnerabilities in real-time, prioritize these — with a state-of-the-art prioritization engine that also takes into account misconfigurations and digital certificate security exposures — and finally mitigate and remediate vulnerabilities across the entire global hybrid IT environment, which includes on-premises devices, endpoints, cloud, mobile, containers, web apps, and APIs,” the company said.
As such, Qualys VDMR provides the foundation for a comprehensive risk-based vulnerability management program that does not solely rely on CVE-based vulnerabilities and arbitrary risk scores, which can give a false sense of security. “In a world where cloud concepts increasingly dominate, with multiple hosted services providing functionality previously owned and operated by on-premises IT, many existing approaches to solving these problems predicated on deployment within a traditional enterprise network are now showing their age. Dragging traffic back to a VPN concentration point will likely not be the preferred method indefinitely, if only for availability and capacity considerations alone. If an outcome of the current crisis is a more enduring entrenchment of remote work for the indefinite future, the changes in enterprise security architecture they precipitate may come to stay. The performance of these services will have to meet or exceed that expected from direct connection to the target — which makes it seem likely that cloud providers in the best position to meet this demand may either embrace these trends directly or become key enablers of new approaches,” said Scott Crawford, research vice president, security at 451 Research, part of S&P Global Market Intelligence.
“Qualys has a long history of innovation, having launched its vulnerability management offering as a cloud service in 1999. That innovation continues today as the company launches the industry’s first and only end-to-end VM platform — encompassing everything from asset discovery to vulnerability assessment and prioritization to patching and remediation,” said Rik Turner, principal analyst, Infrastructure Solutions at Ovum. “With VMDR, organizations can finally complete the vulnerability cycle within a single UI, delivering on the promise of driving Time to Remediation toward zero.”