Table of Contents
- The Key Challenges Solved
- TotalCloud 2.0 with TruRisk Insights is the Answer
- Feature 1: TruRisk Insights: One Prioritized View of Risk
- Feature 2: SaaS Security Posture Management (SSPM): Managing the Security Posture and Risk Across Your Entire SaaS Application Stack
- Feature 3: Supply Chain Software Security: Detect Vulnerabilities in Open-Source Software
- Feature 4: Operationalizing Risk Reduction: Enhanced Remediation Through Integration With ITSM Tools
- The Power of a Single Platform
- TotalCloud 2.0: A Unified AI-Powered CNAPP Solution
Rapid cloud and SaaS adoption is driving digital transformation that’s reshaping business agility and scalability, making cloud and SaaS security more critical than ever. Recognizing this shift, in November 2022, Qualys launched TotalCloud – an AI-powered cloud-native application protection platform (CNAPP), to address the growing demand for cloud security. TotalCloud has been a game-changer for customers, protecting over 44M cloud workloads. TotalCloud extended the power of the Qualys platform with three key value propositions:
- Flexible, continuous, and quick vulnerability scanning capabilities with FlexScan™, which provides agentless and agent-based scanning across a multi-cloud environment with Six Sigma accuracy.
- Deep-learning AI to detect known and unknown threats in real time across the entire cloud kill chain, including reconnaissance, exploitation, installation, command and control, actions on objectives, and lateral movement.
- Cost optimization by unifying risk management for on-premises and hybrid cloud environments. Qualys’s flexible licensing provides a lower total cost of ownership (TCO) and higher return on investment (ROI) by allowing you to deploy the features you want when you want.
Now, continuing this innovation comes the launch of TotalCloud 2.0 with TruRisk Insights, the Qualys platform that extends the value of TotalCloud with several key innovative capabilities.
New Capabilities in TotalCloud 2.0
- TruRisk Insights correlates and unifies cloud security findings across workloads and resources to provide one prioritized view of risk so you can fix the most significant threats first.
- SaaS Security Posture Management assesses the security posture of SaaS apps like Microsoft 365, Salesforce, Zoom, Google, etc., and correlates it with the risk of infrastructure for prioritization and remediation to meet new SEC regulation mandates.
- Supply Chain Software Security significantly diminishes supply chain risk by identifying vulnerabilities in open-source software (OSS) across multi-cloud environments.
- Operationalized Risk Reduction via a host of ITSM integrations like Jira and ServiceNow for better communication across teams, resulting in faster remediation.
The Key Challenges Solved
Before we detail the features, let’s explore the rationale behind selecting them. After the initial launch of TotalCloud, we actively sought feedback from our customers to enhance our solution further; they conveyed the need for a unified CNAPP solution to address the following key challenges:
Challenge 1: Too Many Siloed Tools, No Real Visibility
Today, organizations rely on multiple, siloed tools for cloud and SaaS security. They get “findings,” not actionable insights, and fragmented views from each tool.
Challenge 2: SaaS Applications Are Critical (per the SEC)
Without adequate protection, SaaS applications can serve as entry points for lateral movement into the cloud environment, and the SEC’s new breach disclosure rules don’t distinguish between data held in on-premises, cloud, or SaaS environments.
Challenge 3: Increased Open-Source Software (OSS) Attacks
OSS has become an integral part of most software architecture, and at the same time, supply chain attacks on open-source software have become more prevalent.
Challenge 4: Delays in Remediation Increase Risk
Nearly two years after the initial discovery of the Log4Shell vulnerability, a staggering 70% of systems remain unpatched, indicating that remediation is a tricky problem.
TotalCloud 2.0 with TruRisk Insights is the Answer
Today we’re excited to announce TotalCloud 2.0 to answer these challenges. TotalCloud 2.0 addresses our customers’ pressing needs by delivering:
Feature 1: TruRisk Insights: One Prioritized View of Risk
TruRisk Insights sheds light on the critical concept that risks in the cloud are not merely additive—they are multiplicative. A vulnerability, when paired with a misconfiguration and compounded by internet exposure, escalates into a significantly higher threat. This risky combination demands immediate and prioritized remediation.
For instance, TruRisk Insights can spotlight virtual machines that are particularly vulnerable due to internet-facing RDP ports with known vulnerabilities alongside evidence of suspicious activity that may signal an imminent threat. By synthesizing data from different Qualys sources, TruRisk Insights breaks down traditional silos. It provides a centralized, prioritized assessment of cloud risk that is both actionable and insightful, allowing security teams to optimize their efforts and fix the most critical issues first.
Based on the Qualys Threat Research Unit (TRU)’s analysis of anonymized data from customers that have enabled the CSPM and CDR capabilities, 128,318 cloud workloads were found accessible via the internet. Many of these workloads were exposing RDP, SSH, and Telnet ports due to misconfiguration. Of these, 8,854 workloads had confirmed vulnerabilities, and only a few hundred showed signs of suspicious activity indicating compromised cloud resources and services. By correlating these risk indicators, Qualys TruRisk Insights pinpointed 24 workloads that are particularly vulnerable to malware, marked by a confluence of suspicious activities and misconfigurations. This precise insight enables organizations to swiftly prioritize and address their most critical risks first.
Feature 2: SaaS Security Posture Management (SSPM): Managing the Security Posture and Risk Across Your Entire SaaS Application Stack
The recent SEC regulation mandates that all public companies are now obligated to disclose cyber incidents and meet cybersecurity readiness requirements for data stored in SaaS systems. The days of SaaS applications enjoying a free pass when it comes to security are over. Regardless of whether data is breached on-premises, in the cloud, or within SaaS environments, the SEC regulations demand equal vigilance. Given the wide array of SaaS applications in use and the inherent risk of misconfigurations, over-provisioned access, and insecure SaaS-to-SaaS connections, the attack surface has expanded significantly. Therefore, it has become essential for companies to adopt a holistic approach to defense when safeguarding their SaaS applications.
TotalCloud 2.0 is the first and only CNAPP solution to bring the same level of security awareness and control that you already have in your cloud infrastructure to the SaaS applications. This integration helps you protect your SaaS applications like Microsoft 365, Zoom, Slack, Google Workspace, and more from cyberattacks and ensure compliance with industry regulations.
Qualys SSPM automatically inventories all your SaaS application users and user groups (internal and external) and the files and folders they own and have access to, so you can manage users and data access rights effectively. SSPM also helps identify and remediate misconfigurations in your SaaS applications.
Feature 3: Supply Chain Software Security: Detect Vulnerabilities in Open-Source Software
OSS has become the backbone of modern software development; its widespread adoption has, unfortunately, attracted a surge in malicious actors exploiting supply chain vulnerabilities. This increasing risk stems from the sheer popularity of OSS, the volunteer-driven nature of many projects, complex dependency networks, and evolving attack methods.
To combat the risk of supply chain attacks on open-source software, TotalCloud 2.0 scans all your open-source software prior to execution, across all compute workloads, including containers, for vulnerabilities. TotalCloud 2.0 detects OSS vulnerabilities with Six Sigma accuracy—significantly reducing your risk.
TotalCloud 2.0 also offers advanced scanning capabilities for detecting vulnerabilities in open-source software components at both the build and runtime stages. Enhanced scanning at build time enables developers to identify and mitigate vulnerabilities early in the development cycle, significantly reducing the risk of deploying vulnerable code. Runtime scanning ensures ongoing security and includes intelligent detection of running applications, enabling precise identification of applicable OSS vulnerabilities. This feature is invaluable for organizations developing cloud-native applications or managing microservices architectures.
A recent example of an OSS vulnerability is CVE-2023-50164, affecting Apache Struts 2, a widely used open-source framework for Java web applications. Like Log4j, Struts is a deeply embedded open-source package and is not present in the default location. As a result, traditional vulnerability scanners have limitations in detecting Struts and its vulnerabilities. Using Software Composition Analysis, Qualys agents and container sensors pinpointed the exact virtual machines, running containers, and container images that contained vulnerable applications.
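To make the "deeply embedded package" problem concrete, here is an added example (not Qualys code and not how the Qualys agent works) that walks nested Java archives in memory and reports every bundled copy of Struts core, even when the jar file has been renamed. It assumes the jar was built with Maven's default descriptor; the sample WAR, the `framework.jar` name, and the version `9.9.9` are constructed for the demonstration.

```python
import io
import zipfile

# Maven writes this descriptor into the jar by default, so it survives a
# renamed file; groupId/artifactId are the Struts 2 core coordinates.
POM_PROPS = "META-INF/maven/org.apache.struts/struts2-core/pom.properties"
ARCHIVE_EXTS = (".jar", ".war", ".ear", ".zip")
MAX_DEPTH = 5                   # guard against recursive archive bombs
MAX_ENTRY_BYTES = 256 * 2**20   # skip implausibly large nested entries


def find_struts(data, path, depth=0):
    """Return [(nested_path, version)] for each Struts core copy in `data`."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # not an archive (or corrupt): nothing to report
    with zf:
        for info in zf.infolist():
            name = info.filename
            if name == POM_PROPS:
                props = zf.read(info).decode("utf-8", "replace")
                version = next((line.split("=", 1)[1].strip()
                                for line in props.splitlines()
                                if line.startswith("version=")), "unknown")
                hits.append((path, version))
            elif (name.lower().endswith(ARCHIVE_EXTS) and depth < MAX_DEPTH
                  and info.file_size <= MAX_ENTRY_BYTES):
                # Recurse into the nested archive without unpacking to disk.
                hits += find_struts(zf.read(info), f"{path}!/{name}", depth + 1)
    return hits


def build_sample_war(version="9.9.9"):
    """Constructed sample: a WAR whose bundled jar has a non-obvious name."""
    jar = io.BytesIO()
    with zipfile.ZipFile(jar, "w") as z:
        z.writestr(POM_PROPS, "groupId=org.apache.struts\n"
                              f"artifactId=struts2-core\nversion={version}\n")
    war = io.BytesIO()
    with zipfile.ZipFile(war, "w") as z:
        z.writestr("WEB-INF/web.xml", "<web-app/>")
        z.writestr("WEB-INF/lib/framework.jar", jar.getvalue())
    return war.getvalue()


if __name__ == "__main__":
    for where, version in find_struts(build_sample_war(), "/opt/app/shop.war"):
        print(f"struts2-core {version} found in {where}")
```

Each reported version still has to be compared against the affected range in the vendor advisory for the CVE in question; a copy whose Maven descriptor was stripped will not be found by this check.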
Feature 4: Operationalizing Risk Reduction: Enhanced Remediation Through Integration With ITSM Tools
Despite it being two years since its discovery, the critical Log4Shell vulnerability remains unpatched on 70% of systems, highlighting the challenges of timely remediation. Lengthy, siloed processes across IT and development teams create communication gaps and slow down patching efforts, leaving organizations exposed for months.
Qualys already offers one-click, automated remediation and customizable workflows. Now, TotalCloud 2.0 enhances our remediation offerings with integrations with ITSM tools like Jira and ServiceNow so you can automatically assign tickets. By adding to our already diverse set of risk elimination options, it’s even easier for you to orchestrate and streamline your remediation process and, ultimately, reduce your Mean Time to Remediation (MTTR). The new ITSM integrations also offer a way for organizations to dramatically improve collaboration to handle security issues, track resolution, and reduce risk.
The Power of a Single Platform
In addition to the powerful new features of TotalCloud 2.0, when you combine several solutions into one platform, you reap the rewards of lowered cost and simplification. When you buy an on-premises vulnerability management solution from one vendor, cloud security from a second vendor, and SSPM from a third vendor, you are not only paying more money for the three solutions, but you also have the added complexity of dealing with multiple vendors and a fragmented view of risk with no correlation of risk signals.
With Qualys, you can protect your on-premises infrastructure, cloud infrastructure, and SaaS applications—from one platform. The combination of VMDR, CNAPP, and SSPM from Qualys provides better value for risk management across your infrastructure, removes the complexity of multiple vendors, and offers one unified view of risk.
Based on IDC research, Qualys provided 403% ROI in 3 years with lower TCO by eliminating point solutions and saving employee time through the reduction of manual processes and streamlined workflows.
TotalCloud 2.0: A Unified AI-Powered CNAPP Solution
With its new features, TotalCloud 2.0 further cements its place as a powerful, unified AI-powered CNAPP solution that offers a single prioritized view of risk with:
- Flexible, continuous, and quick scanning capabilities with Six Sigma accuracy
- Comprehensive posture management to identify misconfigurations and non-standard deployments
- Security posture and risk management across your entire SaaS application stack
- Deep learning AI to detect known and unknown threats in real time
- State-of-the-art container security
- TruRisk Insights for one prioritized view of risk
- Automated, one-click, and custom remediations and ITSM tool integration
- Flexible subscription model that provides lower TCO and higher ROI
Get a personalized TruRisk Insights report about your cloud environment to get visibility into your high-risk assets and a customized remediation plan.
And don’t miss our upcoming Cyber Risk Series: Cloud Security Edition on February 28th, where you’ll hear from industry leaders like David Linthicum and others from organizations like CSA, CIS, and AWS, and see TotalCloud 2.0 in action.