Qualys, Inc. has announced Multi-Vector EDR 2.0 with additional threat-hunting and risk mitigation capabilities improving alert prioritization and reducing the time needed to respond to threats. Security practitioners are inundated with alerts, which burden them to prioritize the ones that represent the riskiest threats, waste their valuable time, and expose their organizations to increased risk.
Yet, traditional endpoint detection and response (EDR) solutions still focus solely on endpoint activity to detect attacks and incorporate only MITRE ATT&CK techniques – not tactics. As a result, practitioners are forced to rely on additional tools to improve their cyber risk posture leading to slow and incomplete threat remediation actions. EDR needs to evolve to scale and provide a more meaningful threat context, in near real-time, to meet the challenges of the modern threat landscape.
“Effective endpoint protection starts with reducing the amount and severity of instances the security team needs to address,” said Michael Suby, vice president of research at IDC. “Qualys leverages its Cloud Platform to analyze context and data points via its integration with vulnerability and patch management along with device controls to reduce the volume of incoming incidents. This volume reduction is a key factor in saving time and resources, as it allows teams to focus on the riskiest threats that matter the most, ensuring their attack surface is less exposed.”
The updated Qualys Multi-Vector EDR operationalizes MITRE ATT&CK tactics and techniques allowing security practitioners to quickly analyze and respond to threats. Additionally, the Qualys Cloud Platform’s extended prediction and prevention capabilities provide orchestrated access to multiple context vectors including asset criticality, vulnerabilities, system misconfigurations, and recommended patches via a single agent and unified dashboard.
Qualys Multi-Vector EDR’s comprehensive approach prevents future attacks by identifying and eliminating vulnerabilities exploited by malware. Through native integration with Qualys VMDR, practitioners can pivot from a single malware incident, such as Conti, to identifying all assets susceptible to CVEs associated with the malware and then patch via Qualys Patch Management.
Qualys Multi-Vector EDR provides:
- Comprehensive Threat Response – the solution leverages dynamic analysis from MITRE ATT&CK Threat Context Mapping and the rich Qualys Cloud Threat Database to prioritize threat response and improve the remediation of vulnerabilities and system misconfigurations.
- Holistic Multi-Vector Security – Native integration with other Qualys Cloud Platform apps provides the risk posture and rich asset criticality context that eliminates the blind spots of stand-alone EDR solutions while also improving remediation and response times.
- Easy to Deploy, Use and Manage – Organizations can enable EDR with one click on a single agent providing asset inventory and vulnerability risk context along with patch management to comprehensively reduce the risk of compromise.
“Traditional EDR products solely focus on detecting threat activity on the endpoint, but what organizations want is to mitigate overall security risk to avoid attacks,” said Sumedh Thakar, president and CEO of Qualys. “By combining Qualys Multi-Vector EDR with VMDR and patch management, Qualys helps organizations focus on eliminating the riskiest threats quickly while strengthening their cyber resilience.”
Qualys successfully participated in its first year of MITRE Engenuity Evaluations, round 4. Its Multi-Vector EDR detected the simulated adversary throughout the attack chain. Overall, the solution detected 100% of the tested steps and returned 74% visibility into the entire attack chain. The results attest to how Multi-Vector EDR leverages the Qualys Cloud Platform to sift through the noise to surface the data that matters most to the security team while also providing detections throughout the attack.