Qualys and Microsoft Sunset Embedded Integration of Qualys Solutions for Microsoft Defender for Cloud

Sumit Bahl

Qualys offers a holistic risk-based approach to securing modern cloud workloads

Over the past three years, Qualys has had a strong collaboration with Microsoft, with Qualys providing the vulnerability assessment engine for Microsoft Defender for Cloud, covering infrastructure and container workloads. 

Our joint efforts with Microsoft have helped secure millions of containers and servers running in the Azure environment. These efforts have also helped measure and communicate risk effectively to various stakeholders. However, in a mutual decision to enhance respective solutions for customers, Qualys and Microsoft have agreed to sunset our embedded integration while Qualys will remain available as a Bring Your Own License (BYOL) model for servers.

The relationship with Microsoft will evolve as Qualys is a proud participant in the Microsoft Security Copilot Partner Private Preview. Microsoft’s Security Copilot is an AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes by combining large language models (LLM) with cybersecurity-specific models and more than 65 trillion daily signals. Microsoft will also participate with Microsoft Defender for Endpoint’s integration within the Qualys Enterprise TruRisk Platform ecosystem. Recent enhancements to the Qualys Enterprise TruRisk Platform will help customers holistically measure, effectively communicate, and proactively eliminate cyber risk, with a hyper focus on the impact of cyber risk on business risk.

The strategic shift was prompted by the rapidly evolving requirements for securing modern cloud workloads in Azure and beyond. In this dynamic landscape, a holistic risk-based approach is essential — one that evaluates risk by considering a variety of factors such as vulnerabilities, misconfigurations, threat intelligence and business context. This method provides a complete risk assessment, unlike the previous CVE-centric approach.

Leveraging Qualys TotalCloud, customers can now extend their capabilities to include not just vulnerability assessment but also security for cloud and container workloads.

Qualys TotalCloud presents a comprehensive end-to-end solution for container security, encompassing the entire lifecycle – from build to deployment, and through to runtime. This robust offering is especially crucial for customers utilizing Azure Container Registry (ACR) as well as other cloud or on-premises registries. Our commitment to supporting a broad spectrum of registry types ensures that you can continue to depend on Qualys for exceptional container security, regardless of your infrastructure setup.

Benefits of Transitioning to BYOL Qualys TotalCloud  Solution

Comprehensive Solution to Secure Azure Cloud & Container Workloads

Qualys TotalCloud is recognized as the most comprehensive and scalable cloud security solution for Azure. Qualys TotalCloud expands capabilities for assessing cloud risk by including network, agent-based, and agentless scans. Its FlexScan capability also allows for scanning through APIs and snapshots, providing the most comprehensive, accurate, and real-time assessment of risk.

Moreover, the solution provides extensive CVE coverage and incorporates more than 500 Center for Internet Security (CIS) best practice hardening guides to perform Cloud Security Posture Management (CSPM) and effectively reduce the attack surface. It also features certificate assessments and offers unlimited PCI ASV scans. Additionally, Qualys is renowned for its scan accuracy, achieving Six Sigma precision, which significantly bolsters the trust between security and IT teams.

Furthermore, Qualys TotalCloud is a comprehensive cloud security solution providing a unified vulnerability, posture, and threat solution with a single prioritized view of risk.

Risk-Based Prioritization with TruRisk

Leveraging best-in-class threat and exploit intelligence from over 25 sources, TruRisk prioritizes vulnerabilities for over 200k CVEs based on the evidence of exploitation or likelihood of exploitation. It allows you to measure risk across your organization with precision, monitor risk reduction over time, and implement measures to mitigate risk effectively.

Single, Prioritized View of Risk with TruRisk Insights

Qualys TotalCloud uniquely combines data for misconfiguration in the cloud, vulnerability criticality, and active threats to create a single prioritized view of risk to help customers focus on fixing what matters most, quickly and efficiently.

Multi-Cloud Support

With Qualys, you can assess risk across multiple cloud services like Azure, GCP, AWS, and OCI with VMDR.

Consolidate Cybersecurity Solutions

By leveraging the power of the Qualys TruRisk Platform, you can deploy patches across your entire attack surface, conduct web application scans, and integrate with CMDBs to enhance asset and business criticality context for eliminating risk. And, of equal importance, you can streamline processes and reduce expenses by consolidating your security solutions with the Qualys platform.

Best-in-Class Container Security Solution

Qualys Container Security offers comprehensive runtime security for container workloads running on Kubernetes across Azure and other cloud providers and self-hosted systems. Qualys solution continuously scans for vulnerabilities, ensuring that your container environments are always up to date with the latest security measures. Moreover, our drift detection capabilities monitor files and vulnerability changes, providing an additional layer of security.

Unlike traditional, signature-based methods, our approach utilizes advanced AI/ML algorithms, enabling the detection of even the most elusive, mutating forms of malware. This state-of-the-art technology positions Qualys at the forefront of container security, ensuring unparalleled protection against contemporary and emerging threats.

Comprehensive Cloud Security Posture Management

TotalCloud includes cloud security posture management (CSPM) capability for continuous monitoring and assessment of Azure for misconfigurations and non-standard deployments, ensuring your cloud environment adheres to industry best practices and regulatory mandates. TotalCloud CSPM supports 30+ industry mandates and 1,000+ pre-configured controls. This vast library of compliance standards and best practices ensures your cloud infrastructure adheres to critical regulations such as PCI DSS 4.0 and HIPAA.

Best-in-Class Cloud Detection and Response (CDR)

Qualys TotalCloud CDR uses deep learning AI to inspect network traffic and cloud activity logs to detect threats at runtime, including unauthorized activity, crypto-jacking, malware, suspicious communication, and command and control communication to malicious servers. Using deep learning AI, TotalCloud detects both known and unknown threats with 99%+ accuracy.

How to Migrate to Qualys TotalCloud

Recognizing the importance of a smooth transition, we are offering dedicated migration assistance to customers who wish to continue leveraging the full suite of Qualys products to secure their Azure cloud workloads.

New Customers

Sign up for Qualys TotalCloud

Existing Customers

Contact your Technical Account Manager at +1 800 745 4355 or send an email to Info@qualys.com or alliances@qualys.com to get started.

Share your Comments


Your email address will not be published. Required fields are marked *