As organizations pursue digital transformation efforts, traditional security solutions are falling short, reducing CISOs’ visibility into the increasingly complex IT environments of cloud computing and interconnected business, and creating infosec challenges hackers are eager to exploit.
CEOs are under business pressure to adopt new, emerging technologies that can improve their businesses by gathering and analyzing more data about their products and customers, but security can’t be overlooked.
“Bad guys have taken advantage of the fact that digital transformation forces us to open our networks and interconnect many things,” Philippe Courtot, Qualys’ chairman and CEO, said during the opening keynote of this year’s Qualys Security Conference.
This change means sleepless CIOs and CISOs increasingly face with the urgent need to secure IT environments which no longer have traditionally-defined network perimeters due to cloud technologies that expose their business to this increasingly interconnected world of new technologies.
Courtot detailed how this movement to technologies spanning cloud platforms, mobile devices and IoT often leads to a mish-mash of security products that don’t interoperate well in this new perimeter-less world, can be costly to own and maintain, and don’t offer the required protection for doing business in the digital era.
“Throwing money at the problem isn’t the solution,” said Courtot, whose keynote was titled “2017 The Year of Vendor Consolidation: Regaining the Visibility We Once Had.”
“We need to rethink the way we secure our IT infrastructures,” he said.
Embracing Digital Transformation Securely via the Cloud
The good news is that Qualys’ extensible, scalable, flexible, consolidated security platform prepares today’s enterprises with a secure fabric to extend their infrastructure and embrace cloud, mobile and IoT technologies for digital transformation.
“You have been early adopters,” Courtot told the hundreds of Qualys customers packing the keynote hall. “This is your opportunity to help your companies accelerate their move into digital transformation.”
Courtot went on to outline the benefits of the Qualys Cloud Platform, whose scalable and flexible cloud architecture sets it apart in the market. With its suite of 10 integrated solutions, the Qualys Cloud Platform lets CISOs consolidate the number of security and compliance vendors into one single view. An API layer exposes the platform’s functions to third party platforms and developers, plus a robust analytics and reporting engine sits at the back end, receiving data from a varied set of distributed sensors gathering data from customers’ IT assets anywhere.
To highlight scalability, Qualys’ platform annually performs 3+ billion scans, logs 100+ billion detections and collects, processes and analyzes 1+ trillion security data points. And it does all this with a Six Sigma 99.99966% accuracy.
Courtot noted that customers are increasingly taking advantage of Qualys’ integrated, consolidated platform offerings: The percentage of enterprise customers who have three or more of our offerings has almost doubled in the past three years, from 11 percent in the second quarter of 2013 to 21 percent in the same period this year.
Qualys Cloud Agent
Courtot highlighted Qualys Cloud Agent, launched in 2015, which he characterized as a significant extension of Qualys’ capabilities. “It’s absolutely groundbreaking technology,” he said, noting that Qualys has deployed over 1 million agents in customers’ environments, and has the scalability to deploy hundreds of millions more.
A significant advantage of Cloud Agent is that no scans need to be scheduled. The agents work in real-time without the need to schedule scan windows nor to manage credentials and firewalls. The agents are also centrally managed, can be deployed and uninstalled remotely across hybrid environments, and use up a minimal amount of computing resources on their host devices and networks. Courtot added that Cloud Agent will play a big role in securing IoT implementations.
AssetView for Regaining the Lost Visibility
To drive home the value of regaining lost visibility in the digital era, Courtot also cited Qualys AssetView, released last year as a free complement to the company’s Vulnerability Management module. AssetView goes right to the heart of the visibility challenge. “It brings back the visibility we’ve lost,” he said.
AssetView provides comprehensive asset visibility and control by automatically generating and continuously updating an organization’s asset inventory, and consolidating all the asset details in one place, providing a unified view of public and private cloud deployments, mobile devices and the new frontier of IoT.
With AssetView, the IT department knows which assets exist on their ever-expanding environment, where they’re located, who manages them and what security risks they carry. It scales to millions of assets and provides powerful search and reporting capabilities. It also integrates with third-party products such as the ServiceNow Configuration Management System and Splunk Enterprise.
Today’s companies are more often and more rapidly transforming their business into digital services powered by the scale of the cloud, the promise of mobility and power of analytics. As Courtot clarified in today’s keynote, Qualys’ mission is to leverage its expertise in cloud-based security to simplify the securing of IT infrastructure for companies who are accelerating their digital transformation and disrupting before they are disrupted.