"The lack of visibility of the risks within an organization's global IT infrastructure is a deep concern. Periodic vulnerability and configuration scans can provide some visibility, but scale creates different problems. For example, scanning a 100,000-node network can potentially yield millions of findings, which creates difficulty in prioritizing which vulnerabilities to remediate first. Using a host-based scanning approach, delivered as a service, brings not only real-time information but also can increase the ability to consume the high levels of data collected," said
Conventional host-based scanning methods combined with network scanning have been the de facto way for organizations to identify vulnerabilities as well as update and verify patches to mitigate threats. However, the challenges of establishing scanning windows and authenticated scans, managing and updating heavyweight agents, and the rise of the cloud and mobile environments, have proven difficult and cost prohibitive for most companies. The Qualys Cloud Agent Platform resolves this conundrum by combining the power of its Cloud Platform with lightweight agents that are extensible, centrally managed and self-updating.
"Traditional vulnerability scanning methods present a number of challenges for IT security teams who either don't have the proper credentials, or are scanning assets that aren't always connected to the local network," said
Core Cloud Agent Platform (CAP)
Qualys CAP represents the next phase of innovation in
The cloud agents are deployed via a compact agent installer that can be embedded in system images, deployed with Group Policy, or simply run from the command line. The agent consumes very little CPU resources, ranging from 5% at peak to less than 2% in normal operation. Once installed, the agent will take a full assessment of its host while running in the background, and send that assessment snapshot back to the Qualys Cloud Platform for evaluation. Thereafter, a configurable profile controls how often the agent sends host changes as small deltas back to the platform to incorporate with the snapshot. Initial, full snapshots are only about a few megabytes, and subsequent deltas are a few kilobytes. This reduces the network bandwidth consumption to far below that of traditional scanning as well as other agent-based solutions.
Additionally, using the
Asset Inventory Service
IT or security administrators can deploy the Cloud Agent on their IT assets on a global scale, including on-premise systems, cloud-based servers or mobile endpoints. The inventory service allows IT professionals to search millions of assets in a matter of seconds.
Cloud Agent Platform Capabilities
Once these Cloud Agents are installed, the following additional capabilities can be turned on instantly per IT asset:
- Cloud Agent for Vulnerability Management (VM)
The Cloud Agent brings a revolutionary new way to continuously monitor assets for the latest Operating System, Application and Certificate vulnerabilities as well as to track the missing critical patches on each device in real time. This eliminates the need for establishing scanning windows or integrations with credential vaults for systems, as well as the need to actually know where a particular asset resides.Qualys users can combine network scans with Cloud Agents for devices such as firewalls, routers, etc., where it is not practical to install agents. Customers can also leverage the Qualys Continuous Monitoring (CM) solution to take this real-time data and turn it into instant alerts.
In future releases,Qualys will provide Indication of Compromise (IOC) detection capabilities via the Cloud Agent.
- Cloud Agent for Policy Compliance (PC)
Likewise, the Cloud Agent turnsQualys' Policy Compliance offering into a real-time solution and extends it to endpoints, which until now could not be performed by traditional network scanning solutions. This now allows customers to continuously evaluate all relevant assets against standards and benchmarks such as PCI DSS, CIS, ISO and HIPAA and many others.
In future releases,Qualys will provide File Integrity Monitoring (FIM) and Policy Enforcement (PE) capabilities via the Cloud Agent.
- Cloud Agent for Elastic Cloud Environments
Qualys Cloud Agent architecture greatly simplifies asset discovery and tracking as well as security and compliance monitoring in highly dynamic cloud environments like Amazon EC2 and Microsoft Azure since it gives customers the ability to embed the agent into the master images of their cloud servers. As soon as a new instance is created from the master image, it automatically activates the agent, which instantly registers and tracks the security and compliance of each and every instance, eliminating the need to implement a separate discovery mechanism or to build automation around spawning new scanners to scan the new instances.
- Cloud Agent CONNECT
All the data collected by the millions of Cloud Agents installed within an IT environment resides within the Qualys Cloud Platform, which makes it easy to transfer this data via published APIs to existing third-party tools including Security Information and Event Management (SIEM), big data analytics platforms such as Splunk, CMDBs and help desk systems.
In future releases,Qualys will provide automatic synchronization with such solutions.
Availability
Qualys Cloud Agent Platform is now available for trial on all Windows platforms and will go live on
To learn more about Qualys Cloud Agent Platform register for a free trial at https://www.qualys.com/cloudagent.
Additional Resources
- Stop by
Qualys' RSA booth (#3421) for more information - Follow
Qualys on LinkedIn and Twitter
About
MEDIA CONTACTS
Email Contact
(650) 801-6242
Email Contact
(415) 432-2467
Source:
News Provided by Acquire Media