
Managing & Reducing Cyber Security Risk with Qualys Platform


Shailesh Athalye
SVP, Product Management

Qualys Security Conference


Managing Cyber Security Risk Effectively
What Does it Mean For the Customers

Know the Assets
All known, unknown assets across the hybrid environment, role, business context, external attack surface

Cyber Risk Mitigation
• Vulnerabilities, misconfigurations, patches
• What is my real risk, how do I communicate & mitigate risk

Reducing Cyber Security Risk

Prevention from Advisories
• Prevention, detection, analysis and rapid response to malicious activities, threats
• How can I reduce noise, prioritize with context & remediate root-cause

Improve Context, ROI
• Integrated use cases require integrated context
• Too many agents and tools, manual efforts
• How can I get better ROI

Reducing Cybersecurity Risk Effectively
Integrated | Across the Environment

ASSET
VULNERABILITY RISK RISK THREAT DETECTION COMPLIANCE
MANAGEMENT
MANAGEMENT REMEDIATION RESPONSE

APPLICATIONS EXTERNAL DEVICES


OPERATING SYSTEMS CLOUD / CONTAINERS / VMs IT / WORKSTATIONS / SERVERS IOT
Qualys Cloud Platform
Managing & Reducing Cyber Security Risk Effectively

TruRisk™

Passive Sensor | External Scanner | Virtual Scanners | Cloud Connector | App Scanner | Internet Scanners

PLATFORM SERVICES

API | SENSORS | LIGHTWEIGHT AGENT

Qualys Cloud Platform
Managing & Reducing Cyber Security Risk Effectively

Qualys TruRisk™

UNIFIED DASHBOARDS | UNIFIED CYBER RISK MANAGEMENT | UNIFIED REPORTING

All-In-One Risk-Based VM Solution
Asset and Vulnerability Management, Threat Prioritization & Remediation

Asset Inventory & Management
• External, Hybrid environment across IT, OT, IoT, Mobile, Containers and more
• 2-second Visibility across a hybrid infrastructure

Workflow Automation
• Automate Vulnerability Management
• Easier to Integrate with ServiceNow, Jira, QFlow and more

Vulnerability & Configuration Assessment
• Near real-time scanning for latest vulnerabilities
• 4-HR MTTD, <24-hour response for critical CVE’s
• 70K CVE’s

Patch Management
• Precise patch identification and remediation
• Avg 40+% Faster Remediation for critical vulnerabilities

TruRisk Prioritization
• Prioritize based on threat, asset, & vulnerability context
• Up to 85% Fewer Vulnerabilities to prioritize based on risk. 25+ threat sources analyzed daily

Quantify Risk

CISA KEV CVEs
• Locally Detectable: 335 (38%)
• Remotely Detectable: 539 (62%)

Prioritizes Risk to Defend Better Against Attacks

Up to 85+% fewer vulnerabilities to prioritize, defend better against attacks for your environment

Advantages for VMDR customers:
• 7% critical or high w/ TruRisk
• 57% lower TruRisk
• 79% less ‘Ransomware’ vulnerabilities

Importance of Config Risk Management
Risk Prioritization To Harden from Attacks

Throwing CIS reports at each other

79% configuration hardening avg. score for Policy Compliance customers vs. SCA customers (CIS scanning)

Policy Compliance prioritizes misconfigurations
51%
Risks of ransomware
MITRE attack techniques
Auto-discovering middleware, database techns for assessment

Security Misconfigurations caused 35% of All Time Cyber Incidents
**Verizon DBIR, RDP Misconfigurations in Ransomware Attacks
95%+
Remediation
• Multi-tech Patching – Win, Mac, Linux, 3rd party apps
• Fix misconfigurations, uninstall/deploy apps, run scripts to fix misconfigurations, custom remediation
• Know the ’lastusage’ of software to patch or uninstall
• Does not require VPN

Ransomware RTI vulnerabilities are Qualys Patchable

Integrated
Remediation
Reduces Risk Risk-prioritized
• Reduces time by mapping
exact remediations to
Collaborate Trust
• RBAC

Faster!
• Intelligent chaining
Reduce Risk, close issues
• Customized remediation
– patches, misconfigs,
reg changes • Remediation from
ITSM/Ops tooling
• Available through APIs;
Inside Ops, tickets, alerts • Automate dashboarding,
trending, reporting

Qualys Patch Management

Qualys Patching Reduces Risk Debt

• ~70% of vulnerability debt due to 3rd party software
• 3M Patches deployed in 6 months (SCCM 1.2M in 2 yrs, reactively)
• ~94% of vulnerabilities closed w/ Integrated Patching. Patch/sec teams to concentrate on critical remaining
• 44,803 patches from Microsoft, 10K+ from third parties in 2022

VLC: 105 (2007-2022)
Adobe: 1530 (2004-2023)
Chrome: 2647 (2008-2023)
iTunes: 613 (2005-2023)
Firefox: 2131 (2003-2023)

Get More Security


Managing Internal + External Attack Surface is Key for Risk Reduction

• Over 50% of the tech-debt in risk due to 3rd party software, unauthorized/unused software, security tools not running
• Over 30% of log4j still remain vulnerable due to inability to inventory open-source & End of Life software
• 37% of external assets unknown to organization, known to your attackers

The ‘comprehensive’ risk management you’ve been doing, is applicable for only 63% of your assets

Internal & External Attack Posture Management for Maturing Vulnerability & Risk Management

External Attack Surface Management (EASM)
• Know attacker’s view of your managed & unmanaged Assets and their risks – domains, sub-domains, web apps
• Monitor Cyber Risk for M&A Entities, 3rd party vendors, subsidiaries

CyberSecurity Asset Management (CSAM)
• Discover, Inventory assets & software with context - role, business
• Monitor security gaps – EOL/EOS, security tool absence, unauthorized software
2-way sync with CMDB:

• Augment and Enrich CMDB


Integrated with VMDR, WAS
• Consume business context
for TruRisk
Benefits of CSAM with EASM to VMDR

• 37% Unknown External Assets, found by External attack surface (EASM), integrated with VMDR for Risk Management
• 60% Faster vulnerability closure with 2-way CMDB of CSAM & VMDR sync with ITSM
What’s Next…

Qualys Security Conference


Enterprise TruRisk Management
Managing the Cyber Security Risk by Importing, Merging 3rd Party Data

Enterprise TruRisk Management

• Communicate Cyber Risk to the Board
• Achieve Measurable ROI for Cybersecurity
• Procure flexible Views for CIO, CISO & Practitioners

Defend Proactively Against Attack Risks
• 81% Techniques protected by VMDR & Policy Compliance
• Maps risks due to RDP vectors on External facing assets

Get More Security


Manage Cyber Risk of SCA & SBOMs
Solves Biggest Problems of SCA – Know the Risk of open-source in Production

Q2 Q3

Qualys Qualys
Qualys Agent & VMDR
Container Security CSAM

CI/CD SCA Risk Scanning in production Import SBOM & Know the Risk of open-
Container Images and in CI/CD Source packages

Assess vulnerabilities & know TruRisk Inventory, Assess OSS, Packages, Vulnerabilities, Know the Packages vulnerabilities & TruRisk,
and know TruRisk. Prioritize business critical Correlate SBOM of known OSS projects & in-house
Dynamic & Static scans
assets, Flexible environment specific scanning SBOMs, get full vulnerability analysis with TruRisk
and configuration controls.
Adaptive Risk Mitigation
Virtually guard assets as soon as a critical vulnerability
is detected, until an actual patch can be deployed

Apply mitigation scripts based on CVE to mitigation mapping

Disable/remove service, feature in question


Cloud Security

CWPP CSPM CIEM CNAPP


VMs Containers CMPs Serverless IaC
(2010) (2014) (2018) (2020)
Qualys TotalCloud™
Unified Vulnerability, Compliance & Threat Management from Development to Run time

TotalCloud Cloud-Native Application Protection Platform (CNAPP)

• Cloud Security Posture Management (CSPM): Inventory of public cloud resources. Detection and remediation of misconfigurations and non-standard deployments.
• Container Security: Discover, track, and continuously secure containers – from build to runtime.
• Infrastructure as Code (IaC) Security: Protects infrastructure by scanning IaC code for misconfigurations and non-standard deployments before it is deployed.
• Cloud Detection and Response (CDR): Continuous real-time protection of the multi-cloud environment against active exploitation, malware, and unknown threats.
• Cloud Workload Protection (CWP): Scanning for vulnerabilities in the cloud environment (VMDR with FlexScan).

Flexible Licensing Follows the VMDR Volume Discounting Curve


EDR: The Ever-Reactive Battle?

19 days Time to vuln weaponization

30 days Average time to patch a vulnerability

Hours Time to inflict harm

277 days Average time to identify and contain a threat


The Reason?... Security Silos

Asset Patch
Best opportunity
Vulnerability
Management Management Management to stop threats
Discovery Vulnerability Scans Patch Management
Asset Inventory Config Management
Config assessment
Business context Compliance

BARRIER

Best insights into threat landscape:
• Threat Prevention: Anti-malware, Behavioral, ML/AI
• Threat Detection: Endpoint, Cloud
• Threat Response: Triage, Investigation, Containment, Recovery
Multi-Vector EDR Integrated with TruRisk
Prevent threats with next-gen EPP, using AI/ML

Detect & Analyze threats based on MITRE, TruRisk


Mitigate attacks with multi-layered response

Auto-tune EDR based on TruRisk


Get control back to Patch root-cause of attacks
Approach Using Siloed Tools
VM + Risk solutions +
Asset Discovery and Communication tooling Response – Patching, Risk Prioritization,
External attack tools dashboarding, custom security Insights, Dashboarding
reporting, Ticketing

Inventory tool - Vulnerability Assessment/scanning


Custom script tool Risk Management/Visualization
CMDB Sync | OT Inventory tools

External attack tool or Shodan Threat feeds/Intel Patch for Win, Linux, Mac, 3rd parties

Manual Efforts for correlating patches,


Config Management Cloud remediation
asset, feeds data

Open-source software
Cloud security tools
vuln management

Certificate inventory & scanning


Simplify Security and Save Costs
Multiple Siloed Vendor Approach Consolidated Qualys Savings

Inventory tool - CMDB Sync | OT Inventory


Qualys Platform w/ Integrated capabilities
External attack tool or Shodan

Config Management

49%
VMDR with TruRisk & ITSM integration
Cloud security tools

On-premise Vulnerability scanning tool (no certificate sec)

Certificate Vulnerabilities Patch Management


Threat feeds/Intel
Potential Cost Savings
Manual Efforts for correlating patches, asset, feeds data CSAM with EASM
Open-source software vuln management

Custom script tool


OSS, SCA & SBOM
Patch for Win, Linux, Mac, 3rd parties

Cloud remediation
TotalCloud – CNAPP & Cloud DR
Risk Management/Visualization
Qualys Platform & Integrated Capabilities

Our Focus: Helping organizations manage & reduce risk rapidly

• Know your assets
• Communicate & Reduce Risk
• Detect & Respond to Threats, with context
• Reduce cost

External Attack Surface Report
Get Yours Free Now
01 Know your Risk of Internet-facing Assets
02 Your Attack Surface from attacker’s view
03 Actionable guidance to reduce Risk
