Built on the Qualys Cloud Platform, ThreatPROTECT correlates data from vulnerability scans and active threat data from multiple sources into a single dynamic dashboard to provide a holistic and contextual view of an organisation’s threat exposure.
According to the company, with ThreatPROTECT, customers can visualise, prioritise and take action to minimise exposure from vulnerabilities related to the threats that matter most.
Dealing with huge numbers of vulnerabilities remains an issue for most organisations, as fixing every issue can take a considerable amount of time. Chasing the deployment of fixes to every vulnerability results in more critical issues being left unaddressed for longer periods.
Qualys highlighted that organisations must prioritise remediation efforts to have an immediate and measurable impact on risk reduction. This requires not only accurately identifying vulnerabilities, but also understanding a variety of point-in-time factors that contribute significantly to the overall risk exposure. For example, certain vulnerabilities with publicly available exploits that are actively being leveraged by attackers present greater threat exposure compared to less well-known and automated vulnerabilities. Providing actionable security intelligence with organisational context leads to better countermeasures against the threats that matter most, protecting IT assets against compromises and protecting the organisational brand.
Leveraging vulnerability data collected via Qualys scanners or in real time via the Qualys Cloud Agents, Qualys ThreatPROTECT correlates this data with Real-time Threat Indicators (RTI) from multiple industry sources, providing customers with an easy-to-understand dashboard that provides clear insight into which vulnerabilities to fix first. The dynamic ThreatPROTECT dashboard, with powerful ElasticSearch capabilities, helps customers to rapidly find and prioritise responses to vulnerabilities based on these RTIs according to the level of threat seen in the wild.
“In today’s rapidly changing threat landscape, the most effective way for companies to protect themselves is to accurately identify assets, prioritise threats and take action to prevent a compromise,” said Philippe Courtot, chairman and CEO for Qualys. “We continue to innovate and leverage our extensible Cloud Architecture to bring solutions like ThreatPROTECT to our customers.”
RTIs are external data points that enrich and provide context when correlated with vulnerability scan data collected by Qualys. RTIs can be used on a standalone basis or cascaded with each other to prioritise efforts for patching, or to select compensating controls to reduce exposure when patches are not available. The interactive, dynamic dashboards in Qualys ThreatPROTECT help customers visualise the threat level, which can be combined with additional information about the environment from other modules such as AssetView. This allows customers to further mine asset information to prioritise remediation to the most important assets with the greatest threat exposure.