New Qualys EDR service provides additional threat-hunting and risk mitigation capabilities

Cybersecurity software provider Qualys Inc. today announced its latest endpoint detection and response release with additional threat-hunting and risk mitigation capabilities.

Qualys’ Multi-Vector EDR 2.0 is pitched as improving alert prioritization and reducing the time needed to respond to threats. The updated Qualys Multi-Vector EDR operationalizes MITRE ATT&CK tactics and techniques, allowing security practitioners to analyze and respond to threats quickly.

The updated service extends the Qualys Cloud Platform’s prediction and prevention capabilities to provide orchestrated access to multiple context vectors. They include asset criticality, vulnerabilities, system misconfiguration and recommended patches via a single agent and unified dashboard.

The update from Qualys addresses a real problem. Security practitioners are inundated with alerts, which makes it hard to prioritize the ones that represent the riskiest threats. Having to deal with multiple alerts is the bane of any employee who deals with risk and cybersecurity, since it wastes time and exposes organizations to increased risk.

Qualys claims that traditional EDR solutions still focus solely on endpoint activity to detect attacks and incorporate only techniques in the MITRE ATT&CK knowledge base – not tactics. As a result, practitioners are forced to rely on additional tools to improve their cybersecurity risk posture, leading to slow and incomplete threat remediation actions.

The new release of Qualys Multi-Vector EDR, according to the company, provides a comprehensive threat response that uses dynamic analysis from MITRE ATT&CK threat context mapping and the Qualys Cloud Threat Database to prioritize threat response and improve the remediation of vulnerabilities and system misconfigurations. It integrates natively with other Qualys Cloud Platform apps to provide risk posture and asset criticality context, which the company says eliminates the blind spots of standalone EDR solutions while also improving remediation and response times.

Qualys also says the new release is easy to deploy, use and manage. Organizations can enable EDR with one click on a single agent that provides asset inventory and vulnerability risk context along with patch management, to comprehensively reduce the risk of compromise.

“Traditional EDR products solely focus on detecting threat activity on the endpoint, but what organizations want is to mitigate overall security risk to avoid attacks,” Sumedh Thakar, chief executive officer of Qualys, said in a statement. “By combining Qualys Multi-Vector EDR with VMDR and patch management, Qualys helps organizations focus on eliminating the riskiest threats quickly while strengthening their cyber resilience.”

Photo: Ordercrazy/Wikimedia Commons
