Qualys Unveils TotalCloud 2.0 with TruRisk Insights to Measure, Communicate, and Eliminate Cyber Risk in Cloud and SaaS Applications
- None.
- None.
Insights
The introduction of Qualys TotalCloud 2.0 represents a significant advancement in the realm of cloud-native application protection platforms (CNAPP). As businesses increasingly adopt multi-cloud and SaaS solutions to drive innovation and agility, they encounter a complex web of security challenges. TotalCloud 2.0's ability to provide a single, prioritized view of cloud risk is a crucial development for organizations struggling to manage and mitigate threats across disparate environments.
From a cybersecurity perspective, the integration of Cloud Workload Protection (CWP), Cloud Security Posture Management (CSPM) and Cloud Detection and Response (CDR), along with SaaS and infrastructure posture data, allows for a more comprehensive risk assessment. This holistic approach is essential for identifying and addressing the most critical vulnerabilities and threats, which can help businesses avoid costly breaches and maintain regulatory compliance, such as the recent SEC mandates for public companies.
Moreover, the solution's focus on streamlining operations through ITSM integrations and automating remediation processes is a significant step towards operational efficiency. This can lead to reduced mean time to remediation, which is a key metric in evaluating the effectiveness of an organization's security posture.
The shift towards multi-cloud environments has necessitated a unified approach to security and compliance. TotalCloud 2.0's emphasis on providing comprehensive protection for SaaS applications addresses a critical gap in many organizations' security strategies. As SaaS applications become increasingly integral to business operations, they also become prime targets for cyber-attacks. The inclusion of SaaS security posture management (SSPM) into CNAPP solutions is a forward-thinking move that aligns with the evolving nature of cloud computing.
Furthermore, the capability to scan open-source software pre-and-post deployment using both agent and agentless techniques is a proactive measure against supply chain attacks. This is particularly relevant given the rising number of such attacks, which can have far-reaching implications for both the targeted organization and its customers.
Qualys TotalCloud 2.0's enhancements are not just about security; they also have significant implications for regulatory compliance. With the SEC's increased focus on cybersecurity disclosures, the ability of TotalCloud to integrate SaaS systems into an organization's overall security posture is a notable feature. This can aid in ensuring that companies meet the cybersecurity readiness requirements for data stored in SaaS systems, thus avoiding potential fines and reputational damage.
The platform's ability to prioritize risks and streamline remediation efforts can also assist organizations in maintaining a strong compliance stance. By reducing the risk of data breaches and other security incidents, TotalCloud 2.0 helps organizations adhere to industry standards and regulations, which is critical for public companies and those in highly regulated sectors.
Expanded solution brings cloud infrastructure, SaaS apps and externally exposed assets together for a unified view of risk across multi-cloud environments
The shift toward multi-cloud and SaaS environments presents organizations with the opportunity for innovation and agility but also introduces complex security challenges. This has led to the adoption of numerous security tools, each providing different and sometimes conflicting perspectives on the organization's risk level. Navigating these diverse risks across fragmented environments poses a challenge for organizations, impeding effective risk prioritization, reporting and remediation.
"Efficiently managing risk and responding quickly to threats or attacks on cloud workloads is challenging for organizations," said Melinda Marks, practice director, Cybersecurity at Enterprise Strategy Group. "Qualys TotalCloud 2.0 provides a unified platform to identify and consolidate all cloud data across diverse multi-cloud environments, providing broader visibility and context for efficient remediation of security issues. This approach fosters improved collaboration among security, IT, and development teams, to efficiently mitigate risk and protect business-critical applications."
TotalCloud 2.0 with TruRisk Insights provides a single, prioritized view of cloud risk. The solution correlates unique indicators from diverse Qualys sources, such as Cloud Workload Protection (CWP), Cloud Security Posture Management (CSPM), and Cloud Detection and Response (CDR). It combines these with SaaS and infrastructure posture to allow organizations to fix the most harmful threats quickly.
"Ensuring the security of our customers is paramount to us, so we turned to our trusted partner Qualys to help us secure our cloud solutions," said Rodrigo Herrera Villalón, head of application security, Banco BCI. "Qualys TotalCloud enables us to holistically secure our cloud environment by providing insights into our risk exposure. It brings together and analyzes vulnerability and posture assessment and threat mitigation data, so we can quickly identify and mitigate the most critical issues."
Qualys TotalCloud 2.0's enhancements streamline operations by providing:
- TruRisk Insights: Singular, Prioritized View of Cloud Risk – TruRisk Insights streamlines the identification of the highest-risk assets. In analyzing anonymized customer data1, Qualys found 120,000+ internet-accessible cloud workloads, with less than
10% having confirmed vulnerabilities. Qualys TruRisk Insights correlated risk indicators and identified less than0.3% of workloads with a confluence of suspicious activities, malware, and misconfigurations. This streamlined focus allowed organizations to prioritize critical issues by eliminating99% of workloads that didn't require immediate attention. Additionally, TotalCloud 2.0 integrates data from your External Attack Surface Management (EASM) solutions, giving you visibility into how external threats may perceive and target your cloud assets. - Comprehensive Protection for SaaS Applications – Today's threats extend beyond public cloud into organizations' critical SaaS applications. Without adequate protection, these applications can serve as entry points for lateral movement into the cloud environment. The recent SEC regulation mandates that all public companies are now obligated to disclose cyber incidents and meet cybersecurity readiness requirements for data stored in SaaS systems. TotalCloud is the first CNAPP solution to incorporate SaaS security posture management (SSPM) ensuring that configurations and permissions in apps like Microsoft 365, Zoom, Slack, Google Workspace, etc. are seamlessly integrated into your overall security posture for enhanced decision making.
- Supply Chain Risk Mitigation – TotalCloud effortlessly scans all open-source software pre-and-post deployment across various compute workloads, including containers, utilizing both agent and agentless techniques. This comprehensive approach significantly diminishes supply chain risk by identifying vulnerabilities across multi-cloud environments.
- Operationalized Risk Reduction – Streamlines operations and removes silos between IT and security with ITSM integrations. Automatically assign tickets and enable orchestration of remediation with your ITSM tools such as ServiceNow and JIRA to significantly reduce risk and speed mean time to remediation.
"Managing security across multiple cloud and SaaS applications can lead to scattered risk scores that are challenging for organizations to prioritize, let alone remediate," said Sumedh Thakar, president and CEO of Qualys. "TotalCloud 2.0 silences the noise from disparate security tools, offering a clear, prioritized view of risk across multi-cloud, SaaS applications, and assets. This ensures swift resolution of critical issues, dramatically reducing the organization's risk."
Availability
TotalCloud with TruRisk Insights is immediately available. To sign up for a free trial, visit qualys.com/totalcloud-2-demo. Learn more by reading our blog, Announcing TotalCloud 2.0: The Future of Cloud Security or registering for our thought leadership event, Cyber Risk Series: Cloud Security Edition, moderated by cloud expert, David Linthicum.
Additional Resources
- Read our blog post Announcing TotalCloud 2.0: The Future of Cloud Security
- Learn more about Qualys TotalCloud 2.0
- Follow Qualys on LinkedIn and X
About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.
The Qualys Enterprise TruRisk Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com.
Qualys, Qualys VMDR®, Qualys TruRisk and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
Media Contact:
Rachel Winship
Qualys
media@qualys.com
1 Data from current TotalCloud customers with CSPM and CDR enabled. |
View original content to download multimedia:https://www.prnewswire.com/news-releases/qualys-unveils-totalcloud-2-0-with-trurisk-insights-to-measure-communicate-and-eliminate-cyber-risk-in-cloud-and-saas-applications-302055522.html
SOURCE Qualys, Inc.
FAQ
What is the upgrade unveiled by Qualys, Inc.?
What does TotalCloud 2.0 with TruRisk Insights provide?
What are the key features of TotalCloud 2.0?