Qualys adds advanced remediation to the Qualys Cloud Platform. The new update enables organizations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.
Qualys said the result is improved efficiency by eliminating the need to use multiple products and agents and a more comprehensive approach to remediation.
The company believes timely and comprehensive remediation of vulnerabilities is critical to maintaining good security hygiene and proactive risk management. However, organizations struggle to recover quickly due to multiple factors, including ambiguity between IT and process ownership security, especially when the action requires sophistication beyond implementing a simple patch.
For example, to fix the Specter/Meltdown vulnerability, a configuration change is required in addition to deploying the patch.
Furthermore, some vulnerabilities require a registry key change without a patch, while others require a patch or a custom software update. Qualys said that the lack of clarity between vulnerability detection logic and potential remediation complexity due to the need for multiple tools exacerbates the struggle IT and security teams face.
Recognizing this, Qualys Patch Management integrates with Qualys Vulnerability Management, Detection, and Response (VMDR) to address vulnerabilities by deploying patches or applying configuration changes to any device, regardless of location. The new remediation capability allows teams to use a single application to detect, prioritize, and resolve vulnerabilities irrespective of the required remediation method.
Qualys President and CEO Sumedh Thakar said, “In this era of Log4Shell and Pwnkit, organizations must be extra vigilant and patch weaponized vulnerabilities without delay, requiring efficiency and rapid remediation.
“Qualys Advanced Remediation increases efficiency by using a single application to remediate vulnerabilities fully. Whether requiring configuration changes or deploying scripts and proprietary software patches, eliminating the need to use multiple products and agents to improve response times is a critical success factor in strengthening cyber enterprise defenses.”
According to Qualys
Fix vulnerabilities related to configuration changes: Teams can patch and update configurations to address all Windows-based vulnerabilities from a single console and workflow. For example, they can use Qualys to deploy the relevant patches and make the necessary registry changes to fix the Specter/Meltdown vulnerability.
Deploy and patch any Windows OS-based software on any device: Qualys Patch Management can deploy or fix any Windows-based application, whether it’s on-premises, in the cloud, or a remote location. The Qualys Cloud Agent can push any software to all target devices, such as deploying custom patches to all WFH users.
Support for complex patch deployments and environments: Enables patch deployment and configuration changes in complex environments with extensive workflows and dependencies. For example, Qualys used this feature to create a client script that removes the JndiLookup class associated with Log4Shell, quickly removing the vulnerability libraries from all systems.
