CFOtech Asia logo
Technology news for Asia's CFOs and financial decision-makers
Story image

Qualys develops EASM capabilities for Cloud Platform

Qualys has announced it is adding External Attack Surface Management (EASM) capabilities to the Qualys Cloud Platform.

Integrated into CyberSecurity Asset Management 2.0, the new component adds the external attacker view to identify previously unknown internet-facing assets for a complete and accurate picture of the enterprise attack surface.

Digital transformation, increased adoption of cloud and internet of things (IoT), a growing remote workforce, and a technology talent shortage have led to an exponential rise in organisations attack surface, Qualys says.

This expansion is designed to make it harder for security teams to correlate externally visible and internally managed assets, and govern compromises that occur because of undiscovered, unmanaged, or poorly managed IT assets.

To combat this, organisations need a new approach to view vulnerable assets from the outside in and execute like an attacker to quickly identify areas of risk, according to Qualys.

Michelle Abraham, research director Security and Trust at IDC, says, "Organisations must proactively manage their cyber defences, which includes finding and addressing vulnerabilities, to reduce cyber risk.

"Qualys unique approach to EASM is integrating the internal and external asset data from CyberSecurity Attack Management with its Vulnerability Management, Detection and Response (VMDR) solution into a single view. As a result, organisations can better identify undiscovered assets and immediately access and mitigate the cyber risk within the same workflow."

Mike Orosz, vice president information and product security at Vertiv, says, "Qualys CyberSecurity Asset Management provides invaluable attack surface insights from an external attackers point of view. This view allows us to proactively augment our vulnerability management program by discovering risks presented by previously unknown internet-facing devices.

"Additionally, the automated workflows enable us to prioritise security engineering actions that will reduce cyber risk and rapidly improve our company's security."

Qualys Cyber Security Asset Management 2.0 with EASM enables organisations to continuously monitor and reduce the entire enterprise attack surface including internal and internet-facing assets and discover previously unidentified exposures.

It also helps synchronise with CMDBs, detect security gaps like unauthorised or end-of-support software, open ports, remotely exploitable vulnerabilities, digital certificate issues, unsanctioned apps and domains, and mitigate risk by taking appropriate actions.

Qualys CyberSecurity Asset Management 2.0 with EASM Qualys CyberSecurity Asset Management with EASM allows Security and IT teams to:

Uncover gaps across the entire attack surface: From a single cloud platform, the solution continuously discovers and accurately classifies internal and external internet-facing assets. It automatically finds your subsidiaries, performs horizontal and vertical domain and subdomain enumeration, correlates WHOIS and DNS records and attributes assets to your organisation.

Get a reliable, accurate view aligning security and IT ops: Augment uncertain, outdated data in your CMDB with CyberSecurity Asset Management. Teams can capture unmanaged assets and gain a single source of truth for internet-facing assets, along with location and context, through automatic synchronisation with enterprise CMDBs and vulnerability management to streamline ongoing attack surface monitoring and response.

Rapidly remediate risk with native VMDR 2.0 integration: CyberSecurity Asset Management 2.0 and Qualys VMDR 2.0 improve the cybersecurity program posture with TruRisk scoring and automated and one-click orchestration of vulnerability and remediation workflows to convert unmanaged, internet-facing assets into fully managed and patched assets.

Sumedh Thakar, president and CEO of Qualys, says, "Achieving full asset visibility remains one of cybersecurity's most elusive goals. CyberSecurity Asset Management 2.0 solves this by providing both the holistic, external attacker-level and internal view of the attack surface to address the increased threat landscape comprehensively.

"Taking protection a step further, we've natively integrated the solution with Qualys VMDR so organisations can prioritise vulnerabilities and asset groups based on risk and proactively remediate to quickly reduce exposure."

Availability Qualys CyberSecurity Asset Management 2.0 with EASM is currently in preview and available to existing customers. It will be generally available in mid-September.

Related stories
Top stories
Story image
Kafka
Confluent reimagines data pipelines with Stream Designer
It will accelerate the shift to real-time with the industry's 1st visual interface for building, testing, and deploying data pipelines natively on Apache Kafka.
Story image
Sustainable IT
WQR: 72% orgs link quality engineering to sustainable IT
The report also highlights that 85% of organisations consider quality engineering pivotal in implementing emerging technologies into real-world use cases.
Story image
IT Automation
Intel hits key milestone in quantum chip production research
Intel demonstrates exceptional yield of quantum dot arrays, showing promise for large-scale qubit production using transistor fabrication technology.
Story image
Digital Transformation
Equinix invests in Indonesia with a $74m data centre
The centre will be strategically located near the largest internet exchanges to meet the country’s growing digital needs.
Story image
Cybersecurity
APAC orgs embracing Zero Trust Security, reveals Okta
Zero Trust Security helps organisations thrive in the era of hybrid work and increasingly sophisticated cyber threats.
Story image
Fintech
New report highlights opportunities and challenges of Super Apps for banking sector
"Staying ahead of the game means predicting where tomorrow will take us, as well as recognising where things currently stand."
Story image
Distributed Denial of Service
Sysdig reveals a loss of $53 for every $1 cryptojackers gain
The 2022 Sysdig Cloud Native Threat Report breaks down supply chain attacks against containers and how geopolitical conflict influences attacker behaviours.
Story image
Sustainable IT
Equinix commits US$50 million to advance digital inclusion
Establishes the Equinix Foundation, an employee-driven charitable organisation, to advance digital inclusion through grants and strategic partnerships.
Story image
Subscriptions
Denodo targets mid-market with new subscription models
These new subscriptions will help mid-market companies to streamline data integration and accelerate speed to insights.
Story image
Revenue management
BillingPlatform improves offerings to foster customer revenue growth
BillingPlatform has enhanced its platform and products with a focus on helping customers drive revenue growth through improved CPQ functionality, new B2B digital commerce capabilities and expanding its payment integrations to include Stripe, Stax Payments and Adyen.
Story image
Cloud
IBM releases Transformation Index to assist cloud innovation
IBM has released its Transformation Index: State of Cloud, commissioned by the company and conducted by an independent research firm.
Story image
eCommerce
New FedEx report reveals biggest trends in eCommerce
The report shows that SMEs and consumers agree that there's room for further growth in the already booming eCommerce sector.
Story image
Virtual Private Network
BT enhances global Cardway portfolio with Mako Networks
BT has announced a significant enhancement to its Cardway portfolio of payment solutions following the signing of a global agreement with Mako Networks.
Story image
Network Management
Data is growing at breakneck speed, but are we optimising its value?
Data lies at the heart of digital transformation, as every digital touchpoint translates to a data point. In this digital-first world, data is being created everywhere today – at breakneck speeds.
Story image
DevOps
Disparate data causing headaches for A/NZ businesses
Gone are the days when developers could get away with merely producing code. Many are now expected to be accountable for their code, which should be ‘clean’, right up to deployment.
Story image
Cloud
HashiCorp research shows organisations benefit from multi-cloud strategies
The survey highlighted the need for organisations to centralise and automate cloud efforts via platform teams in order to increase operational efficiency.
Story image
Digital Transformation
NEC Corporation and Red Hat expand global collaboration
NEC Corporation and Red Hat have announced an expanded global collaboration to drive IT modernisation and digital transformation on Red Hat OpenShift.
Story image
Artificial Intelligence
Exclusive: Uniphore shares how Conversational AI can be the key to business success
Conversational AI and Automation are vital tools to help further promote organisational cohesion and communication, and Uniphore is leading the charge.
Story image
Data analytics
COVID-19 relief innovation takes 2022 SAS Hackathon crown
In COVID-19’s wake, more than 287,000 MSMEs joined JakPreneur, a collaborative government platform that links entrepreneurs and stakeholders
Story image
Legacy
Trellix enables greater cyber resiliency with extended XDR platform
"Legacy SIEM technology has failed to modernise security operations. We are confident Trellix XDR fills this critical gap.”
Story image
Digital Transformation
How businesses can stay connected with their clients in a digital environment
Staying connected in a virtual world requires strong communication and collaboration, especially with many workplaces adopting a work-from-anywhere business model.
Story image
IT Automation
Tech job moves - Adobe, Ambit, blueAPACHE, Cue & DC Blox
We round up all job appointments from September 26-,30 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Artificial Intelligence
Fortinet advances AIOps to aid the hybrid workforce
"We’re continuing our commitment to AI innovation by delivering AIOps capabilities across our robust portfolio of enterprise networking technology."
Story image
Cloud
Workday expands skills cloud and announces new HCM customer
Workday has expanded its skills cloud service and has also announced that Busy Bees Learning has selected the company's HCM solution as part of an overall HR transformation. 
Story image
Workflow Automation
NetSuite announces SuitePeople Workforce Management
Oracle NetSuite has announced NetSuite SuitePeople Workforce Management, a solution created to help organisations manage labour costs and profitability.
Story image
Oracle NetSuite
NetSuite Launches Ship Central to improve warehouse operations
NetSuite WMS and Ship Central offer warehouse operations across SKUs, processes, and locations. NetSuite WMS eliminates manual processes
Story image
Ransomware
Commonwealth tackling rising cybercrime threat in Asia
Ransomware, identity theft, and virtual security attacks identified as growing threats to security and economic growth.
Story image
Malware
OpenText reveals nastiest malware of 2022, with Emotet at the top
OpenText threat intelligence experts combed through the data, analysed different behaviours, and determined which malicious payloads are the nastiest.
Story image
Work from home
Jamf showcases new products to simplify and secure work
At the 13th annual Jamf Nation User Conference, the company shared how its continuous product innovation is helping organisations succeed with Apple.
Story image
Tax
BlackLine adds tax hyperautomation capabilities to its solutions
The extension to BlackLine's intercompany solutions comes in response to organisations facing increasing intercompany tax scrutiny globally.
Story image
Sustainable IT
Adobe surveys sustainability at work in Hong Kong employees
The top three sustainability practices are reducing paper usage (46%), digital document storage and management (43%), and curbing electricity consumption (37%).
Story image
IT infrastructure
Kyndryl launches open solution, powered by co-creation
Kyndryl Vital is led by global teams of designers who work alongside customers and partners to define and solve complex problems with innovation.
Story image
Cybersecurity
Best practices for industrial cyber resilience
Operational technology (OT) security is gaining more attention than ever before, but sufficient understanding of what it takes to prevent breaches is still lacking amongst many organisations.
Story image
Amazon Web Services
Infor named Leader in 2022 Gartner Magic Quadrant for Cloud ERP
For the second consecutive time, Infor has been positioned as a Leader in the 2022 Gartner Magic Quadrant for Cloud ERP for Product-Centric Enterprises.
Story image
IT in Manufacturing
Five ways manufacturers can benefit from a purpose-built ERP
As the manufacturing world rapidly evolves to meet new challenges, many organisations are working to define a new roadmap to success.
Story image
Cloud
MYOB provides efficiency boost with new inventory solution
Premium Inventory is an integrated solution that helps goods-based businesses improve efficiency, reduce costs and increase cashflow.
Story image
Customer Relationship Management
NetSuite introduces CPQ to help organisations simplify sales process
NetSuite CPQ is the only native configure, price and quote solution built on the NetSuite platform. It works with NetSuite ERP, CRM, and eCommerce solutions
Story image
Software-as-a-Service
Intel accelerates innovation with software-first approach
Intel introduced new services and tools in AI, security and quantum computing to help developers reduce time-to-market and increase performance and security.
Story image
Microsoft
UiPath and Microsoft partner to empower best-in-class automation
"Together, we are helping customers realise and achieve the business value of automation at scale. We are excited to deliver substantial, integrated cloud offerings.”
Story image
Cybersecurity
Swift successfully pilots its Securities View capability
The new capability significantly increases transparency in post-trade processing while preventing costly settlement fails; it will be widely available in 2023.
Story image
Observability
Gigamon named leading vendor in deep observability market
650 Group has published a report, recognising Gigamon as the leading vendor in the deep observability market for 2022.