Member’s Login

Forgot Password  |  Create an account

Qualys Unveils New Add-on to Vulnerability Management to Help Customers Automate Security Configuration Assessment (SCA)

Posted By - DynamicCISO,

Qualys announced its Security Configuration Assessment (SCA), a new add-on for Vulnerability Management (VM) that provides customers cloud-based tools to automate configuration assessment of global IT assets using the latest out-of-the-box Center for Internet Security (CIS) benchmarks.

Configuration issues are a major source of breaches, and basic hardening of all systems — whether on-premise or in the cloud — is required to protect today's complex environments. To help customers with this challenge, Qualys is introducing SCA for automated configuration assessment of large and small IT environments. SCA provides benchmark-based guidance and simplified workflows for scanning and reporting, eliminating the cost, resource and deployment issues associated with traditional configuration management software point products.  Leveraging the Qualys Cloud Platform, SCA enables more customers to better safeguard global endpoints, on-premise and cloud assets against today's evolving cyber threats.

"In the era of plug and play, rapid application development, one-click installations, and pressing business deadlines, systems are often put into production with default settings and without hardening," according to Gartner. "In such cases, readily available and approved baseline configuration standards can be used prior to deployment to ensure and maintain a standard and consistent configuration throughout the enterprise. This will not only help to achieve a better security posture but also increased compliance and business effectiveness and efficiency."1

"Recent global cyber-attacks have served as a reminder that companies must take a proactive stance in securing the infrastructure and operations underpinning their digital transformation," said Philippe Courtot, chairman, and CEO, Qualys, Inc. "Qualys SCA helps customers automate the security best practices behind leading benchmarks, and integrate them with DevSecOps for a more proactive approach towards securing today's digital business."

Qualys SCA offers:

Broad Coverage: Qualys' SCA add-on offers leading CIS benchmark coverage with support for the latest CIS benchmark releases of operating systems, databases, applications and network devices.

Accountability for Controls: Qualys SCA controls are developed and validated in-house by Qualys security experts and certified by CIS.  The controls are optimized for performance, scalability, and accuracy.

Ease of Use: SCA provides CIS assessment via a web-based user Interface and delivered via the Qualys Cloud Platform, enabling centralized management with minimal deployment overhead.  CIS controls can be selected and customized per an organization's security policies.

Remote Scanning and Auto-discovery of Instances: SCA uses the same data collection technologies as Qualys Policy Compliance and VM, allowing for the agent or agentless data collection.

Reports and Dashboards: SCA users can schedule assessments, automatically create downloadable reports of configuration issues, and view dashboards for improving their security posture.

Related Tags - Qualys, Vulnerability Management, Security Configuration Assessment

Subscribe to our newsletter for all the latest updates and special offers.

Click Here To view archive additions

Older Entries

Monday, April 14th, 2014 02:55:00 PM Heartbleed - Bruce Schneier, CTO
Sunday, April 27th, 2014 09:10:00 AM Heartbleed FAQs - Richard Henderson, Security Strategist FortiGuard Labs
View All