Qualys has announced the expansion of its TruRisk platform to serve the needs of both large enterprises and small and medium-sized businesses.
The new offerings, VMDR TruRisk packages, and Enterprise TruRisk Management, will help organisations reduce cyber risk across their infrastructure and drive business growth.
Cybersecurity and IT teams are overwhelmed with the number of vulnerabilities that are disclosed daily. More than 40% of the vulnerabilities that are reported are either high or critical in severity. IT teams also have limited resources to patch vulnerabilities so they cannot patch everything. As a result, they need to focus on the right set of vulnerabilities that reduce the maximum amount of risk.
Assessing the risk for a given vulnerability or misconfiguration is easier said than done. Most enterprises prioritize vulnerabilities today based on the Common Vulnerability Scoring System (CVSS) rating system. Yet a CVSS rating represents the technical severity of a vulnerability, not the risk it poses to any given organization. This is an inefficient model because organizations end up patching vulnerabilities that may not reduce the risk for their specific and unique business.
For example, CVSS rates the vulnerability CVE-2020-13112 (concerning Amazon Linux Security Advisory for libexif: AL2012-2020-320) at a score of 9.1. This CVE has no known exploits available and yet is considered a “critical” vulnerability based on severity.
Cybersecurity Solutions Tailored for Small and Medium Businesses
For a small or mid-sized business, economic recovery from a major breach can be catastrophic after tallying the costs of stolen customer data, erosion of customer trust, lost business, and compliance violations. The average cost of a non-compliance event alone exceeds $14 million in the U.S. Without a doubt, smaller businesses must find effective ways of consolidating the costs of acquiring and running vulnerability management (VM) and compliance programs, without sacrificing security.
Qualys' new packaging combines Vulnerability Management Detection and Response (VMDR), Patch Management, and Multi-Vector EDR into tailored offerings for small and medium-sized businesses. These packages, VMDR TruRisk, VMDR TruRisk FixIT, and VMDR TruRisk ProtectIT, offer simple, easy-to-deploy, all-inclusive cybersecurity solutions to manage, remediate and protect against continuously emerging cyber threats and reduce risk. The convenient packaging and pricing allow partners to bring more Qualys offerings to customers and streamline the onboarding process.
VMDR TruRisk brings the power of Qualys Cloud Platform and the capabilities of VMDR. With VMDR TruRisk, smaller organizations now have access to enterprise-grade asset visibility, vulnerability management, risk assessment, and prioritized remediation workflows.
The solution offers risk-based vulnerability management for unprecedented insights into an organization’s unique risk posture to prioritize its most critical vulnerabilities across hybrid environments. It helps security and IT teams increase efficiency and save time by providing shared context and the ability to create drag-and-drop workflows to automate time-consuming vulnerability management operational processes including vulnerability assessment of ephemeral cloud assets, alerting, and prioritization.