Cyberattacks are occurring more frequently. They’re also more damaging. And they’re only likely to get worse. Chris Krebs should know—for the two years he served as director of the Cybersecurity and Infrastructure Security Agency (CISA), he was charged with sussing out threats, sounding the alarm to the public and private sectors and developing an aggressive, comprehensive strategy to combat ransomware.
“There are a set of incredibly sophisticated actors out there that daily are looking and scanning in an automated way for access to government networks” and they arrive “at work” with a list of potentially vulnerable targets to attack, said Krebs in the opening keynote address at QSC 2021 in Las Vegas. “Digital risk is here to stay and there will only be more attacks.”
Krebs provided insights gleaned from his storied tenure as CISA’s first director and set the tone for the first day of QSC—a day filled not just with recitations of the security problems business and government agencies face but one that provided a plot line for curbing attacks while taking the burden off of overwhelmed security teams. The millions of attempted attacks and pings on networks daily have created a complexity that the human brain can’t comprehend, he explained.
The security landscape is complicated further by nearly continuous digital transformation, a remote workforce that leaves security teams to safeguard remote devices not traditionally in their environments and a shortage of talent amplified by the Great Resignation – or just plain old burnout, according to Qualys President and CEO Sumedh Thakar, who followed Krebs onstage at QSC.
To get out ahead of highly motivated attackers in what Krebs called a permissive environment, organizations need to know all devices, detect all vulnerabilities and misconfigurations across their systems and prioritize what needs to be fixed—then actually fix it. “They need to go from just highlighting what’s wrong to taking action quickly,” Thakar said.
Concerned by the long, seemingly endless string of cyberattacks over the past two years, organizations are looking for solutions—and government support—to tackle complexities and shore up their defenses today so they can secure their systems against whatever threats the future might bring.
As sessions during the first day of QSC 2021 show, Qualys is well-positioned to provide those solutions, helping organizations break siloes, automate security and shorten time to remediation.
Qualys has focused on VMDR as a solution to leverage that ability to bring all capabilities together in an end-to-end workflow. “If you look at something like ransomware, we’ve done automation on VMDR the platform in the backend so we can detect security issues then automatically apply threat intelligence to them,” Thakar said. “From there you go into specifically what needs to be figured out and create a workflow to patch that as well.” Qualys effectively removes the need for security teams to write APIs and scripts to automate.
But that’s not all Qualys has in its arsenal. Among the sessions today:
Bringing the Unified Power of the Qualys Cloud Platform to Address Today’s Security Challenges
Qualys is nudging organizations away from using multiple siloed tools, which Shailesh Athalye, senior vice president, product management at Qualys, said simply don’t work against multivector attacks and aren’t scalable in the perimeter-less environments that have grown more common since the onset of the pandemic. Instead, the Qualys Cloud Platform offers a unified platform for context-driven security. Qualys has recently updated the platform to pump up prevention and added detection and response capabilities, such as asset inventory management and streamlining compliance management. Next-gen initiatives have included automating labor-intensive operational processes necessary to get insights out of security tooling using no-code, zero-touch orchestration.
Asset Management Reimagined for Security
As the name clearly says, Qualys has reimagined asset management so that security teams can monitor the health of their organizations’ assets by applying business criticality and risk context, detect security risks and prioritize vulnerabilities, responding rapidly to reduce what Constantine Vorobetz, product manager, assets and reporting, at Qualys, called “threat debt.” The company offers deep visibility through two-way CMBD integration and the ability to prioritize risks within a contextual framework to prioritize asset risk and response workflows.
Next-Gen Vulnerability Management Program
Aimed at prioritizing flaws in today’s hybrid infrastructure, Qualys offers organizations an integrated approach that can help them discover assets then uncover and prioritize vulnerabilities based on risk profiles. They can also have closed-loop remediate from a single platform. Integrated patch management betters time to remediation. Qualys also offers security teams a way to integrate with ITSM workflows like ServiceNow so they better collaborate to remediate vulnerabilities and prioritize and track flaws.
Organizations like Circle K, which has a large global footprint that includes more than 14,000 stores in 26 countries, are benefiting from those Qualys’s unique solution set. The retailer struggled to keep track of its assets as it bolted on new companies through acquisition and like most of the world’s companies sent its workforce home to work remotely in 2020.
“Everybody’s spread out. Everybody’s everywhere,” said Todd Sherinian, senior manager, global cyber operations, Circle K. “So, you need tools to identify that same level of visibility to your remote users, remote systems or the cloud.”
“Qualys’s CSAM gives us that and of course that all rounds up to our threat detection and remediation,” Sherinian said. “Is that remediation actually working? Because a lot of times folks will push patches and resolve something and we’ll see it’s not really right.”
Circle K needed something that validates remediation, not only in terms of security, but for compliance purposes as well.
“We had been asked by some major software vendors to audit Circle K as to whether their software was being used right–how many instances have been put on different servers or workstations or what have you,” said Sherinian. They wanted the security team to run a script across endpoints.
Instead, though, by using Qualys, Sherinian was not only able to quickly identify how software was being used for that manufacturer, but to see where assets are located and where data is going. “It saves a lot of hours and it’s worked out extremely well with the auditor from those organizations,” he said.
It doesn’t get any better than that.
To see how forward-thinking, ever-evolving Qualys platforms can and have helped organizations automate security and better manage assets, check out additional sessions and keynotes on the Qualys site. And tune into Day 2 of QSC 2021 Las Vegas.