DTX Manchester DTX Manchester
  • About Us
Friday, 15 January, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

All Your VMDR Questions, Answered

We caught up with the Qualys team to discuss how VDMR can help organisations improve their security posture

by Sabina
May 4, 2020
in Featured, Guru's Picks, Uncategorized
Qualys
Share on FacebookShare on Twitter

Last week, Qualys launched its latest solution, Vulnerability Management Detection and Response – VMDR, which integrates asset visibility, vulnerability management, detection and response across global hybrid-IT environments all from a single app. It was presented to the world with an informative webinar (available here).

With the recognition that this launch is taking place during unprecedented times, we caught up with Sumedh Thakar, President and Chief Product Officer, and Philippe Courtot, Chairman and CEO at Qualys, to discuss how VDMR can help organisations improve their security posture.

Will VMDR replace VM and all its associated modules?

VMDR is not a combination of the existing modules, it’s essentially one single application. In that sense, it will replace a lot of the functionalities we have with the various VM solutions, like threat protection. Users, however, are not going to be forced to upgrade to VDMR.

Users who decide not to update to VMDR will still receive certain benefits and features, such as the dynamic dashboard.

Does the asset discovery inventory identify external facing assets, and how do the capabilities for end of life and outdated components factor in, as we know unpatched applications are at higher risk?

VMDR brings together a lot of the data from the different sensors and coordinates it in the back end. It effectively provides enterprises and organisations with the ability to scan the entire internet and identify external assets.

We are currently working on even more integrations, which will bring additional feeds into that capability. Furthermore, the asset inventory provides the visibility from an internal asset perspective, too.

There are additional optional enhancements, such as the ability to know when a piece of software is reaching end of life. It is bundled into the product and it can be activated very easily for those who wish to trial it.

One of the core features of VMDR is the integration of patch detection and patch deployment capabilities into a single interface. What if an organisation doesn’t have the Qualys patch management module enabled, would the dashboard still show that a patch is available to the user?

Absolutely. The great advantage of having an integrated interface is the ability to switch from detection of devices to the detection of patches as part of VMDR. What that means is that organisations can detect specific patches on specific devices.  The agent allows you to tag exactly which file needs to be deployed to fix a specific vulnerability. Even if the patch deployment capability is not enabled from Qualys, the detection capability is included as part of VMDR, so from there organisations can decide whether they want to leverage that information to deploy another third party patching system or leverage Qualys’ agent itself and reduce the window of exposure.

What if an organisation has Qualys, but there’s another team that deals with the patching, how can VMDR help them?

Being cloud-native, we have always had very strong role-based access control capabilities and user scope capabilities. So, even if it is a different team that deploys patches within an organisation, they can be given specific access and specific permissions to look at the patching part and have an approved workflow in there.

Therefore, you can have the separation of duties between the vulnerability team and the patching team, who can both be looking at the same platform and looking at the same data, but through different  workflows tailored for individual users.

Customers are worried about potential issues when patching production servers. How can Qualys help?

We have a highly capable patch deployment module, which is very mature and has built in scheduling and roll back of patches. Because everything we do on the platform has the cohesion and the homogeneity of being tied around assets and asset tags, customers that have automated tests can simply enable one particular tag on test systems first. Once they are satisfied that the patch doesn’t cause any issue on the test systems, the patch can be rolled out on to the production servers, with the knowledge that it won’t impact assets negatively.

You can also do that based on the type of asset: with laptops, for instance, it is almost always the case that the organisation wants to auto-patch Adobe or the operating system, but as the capability matures we are aiming to provide information on which patches might be failing or causing issues.

We are currently using the Qualys cloud agent for VM on a cloud and premise virtual machines. Is VMDR different to what we are currently using?

It’s all part of the same sensors and the same agents, which means that all the capabilities are built in the platform. Whether you use Qualys’ agent that does data collection and sends it back to the platform on laptops, on Microsoft Azure or AWS, you won’t need to install another one or manually update it.  Whether it’s cloud, android devices, or tablets in meeting rooms, the same agent can be deployed to discover devices, bring all of those together, detect all vulnerabilities, prioritise and provide the ability to remediate and respond.

Does VMDR require the deployment of the cloud agent?

VMDR doesn’t require the cloud agent to be deployed, as we can already provide the ability to look at threats and paradigms based on scans and authenticator scans. However, deploying the cloud agent gives organisations even more precise information from devices, and the capability to automatically correlate and highlight what is needed. Given how quickly the nature of assets and vulnerabilities change, a lot of the value of VMDR comes from having more real time information from the agents.

What are VDMR’s API options?

As you enable VMDR, a lot more high-fidelity information will be coming out from the APIs. We have a couple of additional new APIs related to patching, which will provide additional information to integrate with other patch management solutions.

The base level of the APIs usage tier is already included in VMDR, so if organisations wish to have even more hyper realism on the APIs, then that will be something that can be discussed with account managers as Qualys can certainly help with that.

Given that many organisations had to swiftly adapt to remote working, how can VMDR ease their security concerns?

Deploying patches remotely puts considerable pressure on IT security teams. To give back to the community, Qualys has enabled a standalone version of the VMDR cloud-based solution, Qualys Remote Protection, which is available for free for 60 days. It gives security teams instant and continuous visibility of remote computers so they can easily see missing patches for critical vulnerabilities and deploy them from the cloud. The patches are delivered securely and directly from vendors’ websites and content delivery networks to ensure there is little to no impact on external VPN bandwidth.

 

0 0 vote
Article Rating
FacebookTweetLinkedIn
ShareTweetShare
Previous Post

CISO Carpool NOT Karaoke with Shan Lee, CISO at Transferwise

Next Post

SSH brute-force attacks on IoT via Kaiji malware

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

game

400,000 customer details compromised in Resident Evil and Street Fighter gaming company ransomware attack

January 15, 2021

XSS vulnerability affects government websites

January 15, 2021

COVID-19 State of Remote Work Survey: 34% of Workers Felt Pressure to Return to the Office

January 15, 2021
CCTV used to spy

Ethics Officer Facing Cyberstalking Charge

January 15, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept