Qualys Cloud Platform
The revolutionary architecture that powers Qualys’ IT security and compliance cloud apps.
Sensors that provide you continuous visibility
Whether on premises, at endpoints, on mobile, in containers or in the cloud, OT and IoT, Qualys Cloud Platform sensors are always on, giving you continuous 2-second visibility of all your IT assets. Remotely deployable, centrally managed and self updating, the sensors come as physical or virtual appliances, or lightweight agents. Our sensors also come natively integrated with cloud infrastructure providers such as AWS, Azure and GCP.
All data analyzed in real time
The Qualys Cloud Platform provides an end-to-end solution, allowing you to avoid the cost and complexities that come with managing multiple security vendors. The Qualys Cloud Platform automatically gathers and analyzes security and compliance data in a scalable, state-of-the-art backend. Provisioning any of Qualys’ natively-integrated security and compliance apps – twenty and counting – is as easy as checking a box.
Respond to threats immediately
With Qualys’ Cloud Agent technology, there’s no need to schedule scan windows or manage credentials for scanning. And Qualys’ Continuous Monitoring app lets you proactively address potential threats whenever new vulnerabilities appear, with real-time alerts to notify you immediately.
See the results in one place, anytime, anywhere
Qualys Cloud Platform is accessible directly in the browser, no plugins necessary. With an intuitive ,single-pane-of-glass user interface for all its apps, it lets you customize dashboards, drill down into details, and generate reports for teammates and auditors
All-in-One Vulnerability Management, Detection, and Response
Discover, assess, prioritize, and patch critical vulnerabilities in real time and across your global hybrid-IT landscape – all from a single solution.
Identify all known and unknown assets on your global hybrid-IT
Knowing what’s active in a global hybrid-IT environment is fundamental to security. Automatically detect all known and unknown IT assets everywhere for a complete, categorized inventory enriched with details such as vendor lifecycle information and much more.
Analyze vulnerabilities and misconfigurations with six sigma accuracy
Automatically detect vulnerabilities and critical misconfigurations per CIS benchmarks, by asset.
Quickly focus on what’s most urgent
Using advanced correlation and machine learning, automatically prioritize the riskiest vulnerabilities on the most critical assets, reducing thousands of vulnerabilities to the few hundred that matter.
Inoculate your assets from the most critical threats
With the push of a button, deploy the most relevant, superseding patch to quickly remediate vulnerabilities and threats across any size environment.
Today’s processes involve different teams, using multiple point solutions — significantly adding complexity and time to the critical patching process.
Traditional endpoint solutions don’t interface well with each other, creating integration headaches, false positives, and delays. Ultimately, devices are left unidentified, critical assets are misclassified, vulnerabilities are poorly prioritized, and patches don’t get fully applied.
The Qualys Cloud Platform, combined with its powerful lightweight Cloud Agents, Virtual Scanners, and Network Analysis (passive scanning) capabilities bring together all four key elements of an effective vulnerability management program into a single app unified by powerful out-of-the-box orchestration workflows. Qualys VMDR® enables organizations to automatically discover every asset in their environment, including unmanaged assets appearing on the network, inventory all hardware and software, and classify and tag critical assets. VMDR continuously assesses these assets for the latest vulnerabilities and applies the latest threat intel analysis to prioritize actively exploitable vulnerabilities. Finally, VMDR automatically detects the latest superseding patch for the vulnerable asset and easily deploys it for remediation.
By delivering all this in a single app workflow, VMDR automates the entire process and significantly accelerates an organization’s ability to respond to threats, thus preventing possible exploitation.
Automated remediation prioritization
Knowing what’s active in a global hybrid-IT environment is fundamental to security. VMDR enables customers to automatically discover and categorize known and unknown assets, continuously identify unmanaged assets, and create automated workflows to manage them effectively.
After the data is collected, customers can instantly query assets and any attributes to get deep visibility into hardware, system configuration, applications, services, network information, and more.
Automated asset identification and categorization
VMDR enables customers to automatically detect vulnerabilities and critical misconfigurations per CIS benchmarks, broken out by asset. Misconfigurations lead to breaches and compliance failures, creating vulnerabilities on assets without common vulnerabilities and exposures (CVEs). VMDR continuously identifies critical vulnerabilities and misconfigurations on the industry’s widest range of devices, operating systems and applications.
Real-time vulnerability and misconfiguration detection
After prioritizing vulnerabilities by risk, VMDR rapidly remediates targeted vulnerabilities, across any size environment, by deploying the most relevant superseding patch. Additionally, policy-based, automated recurring jobs keep systems up to date, providing proactive patch management for security and non-security patches. This significantly reduces the vulnerabilities the operations team has to chase down as part of a remediation cycle.
Patching and remediation at your fingertips
VMDR uses real-time threat intelligence and machine learning models to automatically prioritize the riskiest vulnerabilities on the most critical assets. Indicators such as Exploitable, Actively Attacked, and High Lateral Movement bubble up current vulnerabilities that are at risk while machine learning models highlight vulnerabilities most likely to become severe threats, providing multiple levels of prioritization.
Confirm and repeat
VMDR closes the loop and completes the vulnerability management lifecycle from a single pane of glass that offers real-time customizable dashboards and widgets with built-in trending. Priced on a per-asset basis and with no software to update, VMDR drastically reduces your total cost of ownership.