Qualys zero-touch patching for proactive vulnerability remediation

Sumedh Thakar, President and Chief Executive Officer of Qualys

Qualys Inc., a leader in disruptive cloud IT security and compliance solutions has announced that it is integrating zero-touch patching into Qualys Patch Management.

Zero-Touch Patch ensures that companies’ endpoints and servers are proactively updated as soon as patches are available and therefore reducing their overall attack surface area.

Most vulnerability remediation involves multiple teams and processes – first, a scanning tool identifies vulnerabilities, and then they are passed to the patching team for remediation.

Its a pain point for companies leading to extra resources, costs and longer exposure times. 

A lack of alignment between vulnerability and patch processes and the manual efforts required for vulnerability remediation are among the key causes of delayed patching.  

Qualys Patch Management embraced by the market

“Qualys Patch Management helps us quickly patch remote systems based on vulnerability priorities without a VPN,” said Surendra Nemani, Head of Security Engineering at Infosys.

“The zero-touch capabilities support third party apps like Microsoft, Adobe and web browsers.”

“Automation helps to set up patching in advance, matching patch correlation to prioritised vulnerabilities without the need for the back and forth between security and IT teams.”

“It has empowered our platform teams and improved our patch governance efforts.”

“We chose Qualys Patch Management as its integrated in Qualys VMDR with cross-platform remediation,” said Chris Kissel, research director in IDC’s Security & Trust Products Group.

“Endpoint security needs to concentrate on taking intelligence from detection and response workflows for better prevention, and Qualys is uniquely positioned to leverage both vulnerability and threat intelligence insights in its latest patching solution.”

“Qualys’ approach of taking patch remediation a step further with the addition of zero-touch automation eliminates non-caustic threats like always patching Chrome or iTunes.”

“Qualys Patch Management is a welcome addition that helps companies reduce their attack surface while also freeing up IT and Security resources to focus on more strategic areas.” 

Qualys Patch Management leverages the Qualys Cloud Platform and Cloud Agents to help IT and security teams quickly and efficiently remediate vulnerabilities and patch systems.

New intelligent automation allows prioritisation of vulnerabilities based on threat indicators such as ransomware, matching of prioritised vulnerabilities with known patches.

A zero-touch patch management’s set and forget feature helps to proactively patch devices and applications per predefined policies and leads to increased productivity.

Companies can create a policy to keep Adobe Reader patched on all employee laptops. 

Qualys Patch Management capabilities

Reduce the risk from threats like ransomware 

Qualys Zero-Touch Patch intelligently identifies and automatically deploys the proper patches and configuration changes required to facilitate remediating vulnerabilities identified.

Qualys Patch Management leverages Qualys VMDR (Vulnerability Management, Detection and Response) to prioritise them based on real-time threat indicators such as ransomware, active attacks, exploitability or lateral movement to help organisations reduce cyber risk.

Accelerate vulnerability SLA compliance

The application of Qualys Patch Management for compliance is automated to help client organisational security teams align with regulatory and internal security policies.

By identifying the riskiest products in the environment, Qualys Patch Management helps organisations to focus automation efforts on those that introduce the most vulnerabilities.

In addition, the quick application of low operational risk patches by the Qualys Patch Management also reduces the overall time to remediation improving vulnerability SLAs.  

Lower cost and complexity

Endpoints are quickly and consistently patched, via the cloud, without the need for manual intervention and regardless of their location or connection to a corporate network.

This facilitates companies in reducing the cost of securing a prominent vector of attack and eliminating the need to go over VPN for patching can be a significant cost saving.

“With cyber attack volumes growing exponentially, integrating automation in cyber security has moved to a must have in priorities,” said Sumedh Thakar, president and CEO of Qualys. 

“As organisations implement zero-trust security frameworks, the ability to automate patching so they can better trust assets becomes a foundational aspect of their cyber defense strategy.”

Qualys Zero-Touch Patch will be available in October as part of Qualys Patch Management app for individuals who would like to sign up for the free Patch Management trial.