Cloud safety and compliance software program firm Qualys on Wednesday introduced it’s including exterior assault floor administration (EASM) capabilities to the Qualys Cloud Platform.
The brand new functionality can be built-in into Qualys CSAM (cybersecurity asset administration) 2.0, a listing monitoring and backbone instrument to assist safety groups achieve visibility into beforehand unknown internet-facing property.
“Reaching full asset visibility stays one in all cybersecurity’s most elusive targets,” mentioned Sumedh Thakar, Qualys CEO, in a press launch. ”CyberSecurity Asset Administration 2.0 solves this by offering each the holistic, exterior attacker-level and inner view of the assault floor to handle the elevated menace panorama comprehensively.”
EASM affords steady classification of digital property
Qualys’ EASM capabilities are designed to permit steady discovery and classification of each inner and internet-facing (exterior) digital property. This contains beforehand unidentified cloud property equivalent to unauthorized software program, open ports, remotely exploitable vulnerabilities, digital certificates points, unsanctioned apps, and domains.
“In a distributed world, including exterior assault floor administration (EASM) capabilities to Qualys’ answer is a robust transfer and important when augmenting cyber protection capabilities and mitigating threat,” says Christopher Wilder, analysis director at TAG Cyber. “Incorporating EASM into its portfolio will present its prospects with a single view of all threats internally and externally, thereby lowering the assault floor, enhancing its potential to detect and reply to safety incidents quicker, and lengthening asset stock inside and outdoors the enterprise.”
Qualys CASM 2.0, together with Qualys VMDR (vulnerability administration, detection, and response) 2.0 can also be anticipated to streamline incident remediation by automating remediation workflows to transform unmanaged, internet-facing property into absolutely managed and patched property, the corporate mentioned.
The mixing may even routinely synchronize with enterprise configuration administration databases (CMDBs) to permit safety groups to seize unmanaged property and achieve visibility via a single supply for internet-facing property, together with location and context.
Copyright © 2022 IDG Communications, Inc.
