Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will hit the public market in March. Debuted at a live demo on February 25 at the Qualys Security Conference 2020 San Francisco, VMDR will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints. The goal is to synergize aspects of endpoint solutions into one application for better management and visibility.
Source: Qualys. Accessed March 17, 2020.
VMDR takes endpoint solutions that can be separate instances and consolidates them into one management cycle. Qualys approaches vulnerability management along with its additional components of threat detection and prioritization, responses and patch management, and asset management. The entire dashboard allows administrators to analyze the riskiest vulnerabilities of the most critical assets first.
VMDR also allows you to see every asset on your network, including the unmanaged assets. This includes assets on your premises, endpoints, cloud assets, containers, operational technology (OT), and Internet of Things (IoT) environments. VMDR assesses these assets from all these vectors and analyzes the exploitable vulnerabilities for patching and remediation. VMDR automates the entire process and accelerates an organization’s ability to respond to, detect, and prevent possible threats
Qualys’ VMDR takes four separate entities of IT security and merges them into one cycle. These four aspects flow well into one another, and it only makes sense to have a process that encapsulates them all.
Particularly of note is VMDR’s ability to detect unseen assets on your network. Shadow IT is a common problem for enterprises as they continue to grow. By being able to detect these unauthorized assets and see their vulnerability ratings, a business can make informed decisions as to their merit and/or risk to its IT security program.
VMDR also works to patch the vulnerabilities that have been identified. After prioritizing your vulnerabilities, VMDR works to remediate them. VMDR scans and downloads the latest patch to make sure that your enterprise is always equipped with the latest version. Vulnerability management and patch management are intertwined aspects of IT security. By having these aspects work in tandem within one program, VMDR can expedite the process while providing consistency in your security measures. This reduces the vulnerabilities for an operations team, saving time and effort.
Qualys provides a full list of the VMDR workflow processes on its site. The consolidation of separate programs into one application is great for cutting down asset management and redundancies in your programs array. Qualys will also roll out a free version of the program with some VMDR functionalities to all its existing customers at no extra cost. The pricing is based on a per asset basis, starting at $199 and a minimum of 32 assets. We’ll be following VMDR to see its impact within the vulnerability management market and its emotional footprint for users.