Qualys has announced the launch of CyberSecurity Asset Management 3.0, an expansion of the Enterprise TruRisk Platform.
This update integrates its leading vulnerability assessment capability into its External Attack Surface Management (EASM) solution delivering an accurate, real-time view of the external attack surface that eliminates more false positives to mitigate the risk of unknown assets.
Traditionally, cybersecurity teams rely on disparate sources like standalone external scanning tools, IT-centric databases such as configuration management databases (CMDBs), and API-based integrations to piece together asset inventories. EASM tools have relied on banner-grabbing methods that produce stale, incomplete asset data snapshots. As a result of this piecemeal approach to asset discovery, the average enterprise is blind to 38% of its assets at any given time.
Qualys CyberSecurity Asset Management 3.0 extends its leading asset discovery for all types of environments – including an EASM engine for real-time and accurate assessment of external attack surface risks, built-in passive sensing for IoT and rogue devices using the already-deployed Qualys agent, and third-party API-based connectors to complement Qualys sensors. This unified approach not only consolidates asset discovery to a single, unified solution but also introduces a first-of-its-kind EASM lightweight vulnerability scanner to pinpoint critical vulnerabilities immediately upon discovery.”
“With Qualys CyberSecurity Asset Management, we have a consolidated view of asset and cyber-risk data without requiring separate solutions to scan different areas of the attack surface,” said Mike Orosz, VP Information and Product Security, CISO at Vertiv.