SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Qualys updates Cloud Platform solution with rapid remediation
Thu, 19th May 2022
FYI, this story is more than a year old

Qualys is adding advanced remediation to the Qualys Cloud Platform. The new update is designed to enable organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.

The result is improved efficiency by eliminating the need to use multiple products and agents and a more comprehensive approach to remediation, Qualys states.

According to the company, timely and comprehensive remediation of vulnerabilities is critical for maintaining good security hygiene and proactive risk management. However, organisations struggle to remediate quickly due to multiple factors including ambiguity between IT and security on process ownership, especially when the action requires sophistication beyond the deployment of a simple patch.

For example, to remediate the Spectre/Meltdown vulnerability, a configuration change is required in addition to deploying the patch.

Further, some vulnerabilities need a registry key change without a patch, while others need a proprietary patch or an update to custom software to remediate. The lack of clarity between vulnerability detection logic and potential remediation complexity due to the need for multiple tools increases the struggle IT and security teams face, Qualys states.

Recognising this, Qualys Patch Management integrates with Qualys Vulnerability Management, Detection and Response (VMDR) to remediate vulnerabilities by deploying patches or applying configuration changes on any device regardless of its location. The new remediation feature allows teams to use one application to detect, prioritise and fix vulnerabilities regardless of the remediation method required.

Qualys president and CEO Sumedh Thakar says, "In this Log4Shell and Pwnkit era, organisations must be extra vigilant and patch weaponised vulnerabilities without delay, which requires efficiency and rapid remediation.

"Qualys Advanced Remediation increases efficiency by using one application to comprehensively remediate vulnerabilities. Regardless of whether they need configuration changes or deployment of scripts and proprietary software patches eliminating the need to use multiple products and agents to improve response times is a critical success factor in strengthening enterprises cyber defences."

According to Qualys, the new capabilities enable organisations to:

Remediate vulnerabilities related to configuration changes: Teams can patch and update configurations to remediate all Windows-based vulnerabilities from one console and workflow. For example, they can use Qualys to deploy the relevant patches and make the required registry changes to remediate the Spectre/Meltdown vulnerability.

Deploy and patch any Windows OS-based software to any device: Qualys Patch Management can deploy or patch any windows-based application no matter if it is on-premises, in the cloud or a remote location. The Qualys Cloud Agent can push any software to all target devices, such as deploying proprietary patches to all WFH users.

Support complex patch deployments and environments: Allows the deployment of patches and configuration changes in complex environments with elaborate workflows and dependencies. For example, Qualys leveraged this feature to create a script for customers that removes the JndiLookup class related to Log4Shell, which quickly eliminates the vulnerability libraries from all systems.