Transcription
Expand your cybersecurity program with completevisibilityMark HolubCompliance Security Solutions ArchitectOctober 2019
Digital TransformationMore than just adopting new technologyPowered by IT innovationSecurity can’t be after thought
Digital TransformationCloud InfrastructureMore of IaaS & PaaSBut still running your code
Digital TransformationDevOps InnovationCloud MigrationContainer RevolutionScale & Elasticity
Digital TransformationWhat about Security?DevSecOps!More Dev than Sec or OpsBuilt-in not bolted-on
Journey into the CloudHindered by the SilosDatacenter Infrastructure SecurityCorporate User Endpoint SecurityCloud SecurityWeb Application Security (AppSec)CI/CD security automation(DevOps/DevSecOps)IT Asset Configuration Compliance & Audit
Multiple Point Security SolutionsBoth Legacy and nsole(PATCHING)AgentConsoleAgent
Single Pane of Glass (Desire)
Single Pane of Glass (Reality)
Qualys Cloud PlatformUnified approach to detection,prevention & response across onpremise, cloud and endpoints
End-to-end Security ArchitectureAutomated Continuous Monitoring & mCloudMobile DevicesOT/ICSIoTCMDBInventorySecurity HygieneVulnerabilityAssessmentThreat PrioritizationPatch ManagementConfigurationAssessmentEndpoint ActivityCloud Infra MonitoringNetwork ActivitySecurity OrchestrationIncident ResponseQuarantineNAC
Qualys SensorsScalable, self-updating & centrally managedPhysicalVirtualCloud/ContainerCloud AgentsPassiveAPILegacy data centersPrivate cloudinfrastructureCommercial IaaS & PaaScloudsLight weight, multiplatformPassively sniff on networkIntegration with ThreatIntel feedsVirtualized InfrastructurePre-certified in marketplaceOn premise, elasticcloud & endpointsReal-time devicediscovery & identificationCMDB IntegrationFully automated with APIorchestrationReal-time data collectionIdentification of APTnetwork trafficContinuous evaluation onplatform for security andcomplianceExtract malware files fromnetwork for analysisCorporate infrastructureContinuous security andcompliance scanningContinuous security andcompliance scanningContinuous security andcompliance scanningAgentless Agent Based PassiveLog connectors
Qualys Cloud AppsASSET MANAGEMENTAsset InventoryCMDB SyncCloud InventoryCertificate InventoryDiscover, normalize, and catalogall global IT assetsSynchronize asset information from Qualysinto ServiceNow CMDBInventory of all your cloud assets acrossAWS, Azure, GCP and othersInventory of TLS/SSL digital certificates ona global scaleVulnerability ManagementThreat ProtectionIndication of CompromiseContinuously detect and protect againstattacks, anytime, anywherePinpoint your most critical threatsand prioritize patchingContinuously monitor endpoints to detectsuspicious activityIT SECURITYContinuous MonitoringContainer SecurityPatch Management (March GA)Alerts you in real time about networkirregularitiesDiscover, track, and continuously protectcontainersSelect, manage, and deploy patches toremediate vulnerabilitiesCertificate AssessmentAssess all your digital certificates forTLS/SSL vulnerabilitiesCOMPLIANCE MONITORINGPolicy CompliancePCI ComplianceAssess security configurations of ITsystems throughout your networkAutomate, simplify and attain PCIcompliance quicklySecurity Configuration AssessmentSecurity Assessment QuestionnaireAutomate configuration assessment ofglobal IT assetsMinimize the risk of doing business withvendors and other third partiesCloud Security AssessmentFile Integrity MonitoringGet full visibility and control across allpublic cloud instancesLog and track file changes across global ITsystemsWEB APPLICATION SECURITYWeb Application ScanningWeb Application FirewallSecure web applications with end-to-endprotectionBlock attacks and virtually patch webapplication vulnerabilitiesAvailable on Cloud AgentFree Service for External
Qualys Cloud PlatformScalable, Micro-services, siveServiceCloudAgentServiceQualys Streaming Data atform ServicesAssetTaggingServiceUI / API / IntegrationsContainerService
Qualys Cloud PlatformUnified approach to prevention and responseIntegrated Suite ofApplicationsAnalytics and loudAgentPassiveAPI
Single Pane of GlassDynamic and customizable dashboardsCentrally managed, self-updating, integrated Cloud Apps1 trillion250 billionSecurity EventsData Points Indexed onElasticsearch Clusters3 billion99.9996%IP Scans/Audits a YearSix Sigma Scanning Accuracy
Qualys Platform for Hybrid Cloud and DevSecOpsVulnerability ManagementConfiguration ComplianceFind vulnerabilities in operating systems, commercialsoftware, and open sourceVerifying build complianceDetect changes from baselineVerification of Fixed vulnerabilitiesAPIPlug-insUI17Web Application ScanningContainer SecurityOWASP Top 10Input Validation VulnerabilitiesSQL Injection / Cross-site ScriptingInventory TrackingVulnerability ManagementEvents and Change Tracking
Qualys Cloud Platform OperationsRaleigh, NCSignatureUpdatesSoftwareUpdatesRedwoodShores, CA6 Public Clouds online in US, EUand INFrance, EUPune, IndiaOperation,Administration andMaintenanceGlobal Infrastructure3 BillionPrivate Clouds as a PlatformAppliance or a Virtual DataCenter(65 plus)Scans Annually*Public CloudsPrivate Clouds
Qualys Cloud PlatformA new unified to enhace your security program2-second visibility across all of your global IT assets(on premise, endpoints and cloud assets)Continuous assessment of your global security &compliance postureIdentify compromise-able and compromised assetsConsolidate all your security and compliance stacksSecure your digital transformationDrastically reduce your spend
Thank YouMark Holubmholub@qualys.com
CMDB Sync Synchronize asset information from Qualys into ServiceNow CMDB Patch Management (March GA) Select, manage, and deploy patches to remediate vulnerabilities Available on Cloud Agent. Qualys Cloud Platform Scalable, Micro-services, DevOps Qualys Streaming Data Backbone VM PC WAS Container Security FIM Scanner Service