Integrated Vulnerability Data Dynamically Alters User Permissions Based on the Fluctuating Threat Ratings of a Device

The onslaught of new devices and applications in the enterprise has clouded visibility into who and what is connecting to the network. This raises increased security concerns, since more devices mean more potential ways to compromise the network. Enterprises have generally responded to these concerns by continually adding security systems from multiple vendors to their networks.

Continue reading …

The newly released Qualys Web Application Scanning (WAS) App for Splunk Enterprise delivers information about affected web applications and prevalent vulnerabilities into the Splunk dashboard, and enables preconfigured searches and reports, for customers using both Qualys and Splunk. Just like with Qualys WAS, this new app also helps you analyze consistent WAS data across application lifecycles, detect unauthorized apps and rapidly harden your web apps with Qualys Web Application Firewall (WAF).

Continue reading …

Many customers that use the Qualys Cloud Platform for vulnerability management are also using Splunk Enterprise to collect their security and compliance data. Thanks to the new Qualys VM App for Splunk Enterprise with the included Qualys Technology Add-on (TA), customers can monitor and evaluate real-time threat alerts and analysis through a single dashboard. With this unified perspective, customers achieve a more complete picture as well as a streamlined workflow – across their entire infrastructure.

Continue reading …

ForeScout Integrates with Qualys to Provide Joint Customers Real-time Vulnerability Management Assessment and Mitigation Capabilities

Qualys and ForeScout Technologies, Inc. recently announced a partnership which integrates Qualys Vulnerability Management (VM) and ForeScout CounterACT, to provide joint customers with real-time assessment and mitigation capabilities against vulnerabilities, exposures and violations. This post will detail how the integrated solution can help organizations improve timeliness and efficacy of their vulnerability assessments, automate policy-based mitigation of endpoint security risks, and reduce security exposures and their attack surface.

Continue reading …

In recent years cybercrime has gone from an array of independent hackers to a global industrialized operation that utilizes collaboration, worldwide coordination and advanced criminal techniques to evade detection. One would expect this increased organization and sophistication would improve the speed at which “hackers hack.” And you would be correct: according to a recently released report, the time between an exploit announcement and the first attack is typically just 7.5 days, down from just under 10 days in 2008.

Your organization is likely already struggling with meeting internal and regulatory requirements for patch times. In addition, vulnerabilities and their risk to the organization are increasing each day, as hackers are now able to weaponize new vulnerabilities faster than ever.

Continue reading …