Qualys, a well-established player in the vulnerability management field, offers vulnerability management, detection, and response (VMDR), a risk-based solution for managing vulnerabilities and misconfigurations. With the recent updates to VMDR 2.0 with its TruRisk capability, the platform has undergone significant upgrades, providing a range of SaaS-delivered features to effectively measure and reduce cyber risk.
The solution offers versatile deployment options to accommodate various architectures, use cases, and organizational needs. It includes physical and virtual appliances, public deployments in 11 global regions, private cloud deployments, and hybrid capabilities. The VMDR platform stands out for providing the widest range of deployment and architecture choices among the surveyed solutions.
VMDR 2.0 offers the TruRisk feature, which combines commodity vulnerability data, external threat intelligence, and internal telemetry sources like SSL certificates, CMDB data, cloud configurations, and identity information. This diverse data input enables precise and timely identification of previously challenging or elusive vulnerabilities. The Qualys Detection Score (QDS) is used to assess identified vulnerabilities, providing a customizable criticality measure tailored to each organization.
VMDR’s Enterprise TruRisk offering, which is just becoming available, enables aggregation of vulnerability data from across the organization. This includes third party security tooling that may have traditionally been viewed as competing products.
In the solution, customers can use a built-in research capability to investigate organization-specific risks. This feature combines threat intelligence with customer asset data. Additionally, VMDR introduces “contributing factors” to enhance the understanding of vulnerability severity ratings by providing insights into the reasons behind them.
The VMDR platform’s infrastructure scanning capabilities are robust. Data is collected on-premises and in the cloud via virtual agents, network scanning, and API integrations with cloud technologies and other solutions.
DAST is available via Qualys’ web application scanning (WAS) feature. WAS, in coordination with the Qualys in-house threat-intelligence feed, is able to rapidly identify vulnerabilities in applications, and this integration with WAS enables VMDR to provide API security testing. SCA is also offered within the broader Qualys platform through its Container Security product. Like WAS, this comes at an additional cost.
WAS supports integrations with technologies like Azure DevOps, Jenkins, TeamCity, and Bamboo. Additionally, through the Qualys API, users of VMDR with WAS can create solutions for custom use cases.
VMDR’s automation capability is worth noting, especially as it relates to patching. Patching is a time-consuming process and is usually a direct result of the vulnerability management program. The VMDR solution is able to deploy patches to vulnerable endpoints automatically, significantly reducing the labor required during remediation activities for most organizations. New this year is a ServiceNow automation capability that streamlines and automates patching.
Strengths: Qualys is a comprehensive solution that simplifies vulnerability understanding via its TruRisk scoring. It offers robust automation capabilities, and the newly added data aggregation features enhance its effectiveness.