Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership has already gone live as an integrated component of the VMDR solution. Ivanti, known for the automation of security operations and discovery of assets of the network, lends its expertise to the Qualys platform. Of note, the partnership will allow Qualys customers to begin patching MacOS systems as well as additional third-party Mac applications directly through Qualys VMDR.
Source: Qualys at SoftwareReviews. Accessed July 30, 2020
Source: Ivanti at SoftwareReviews. Accessed July 30, 2020
While Qualys’ VMDR previously offered patching and remediation, it was limited in scope. The new partnership will add Ivanti Patch Management to help improve the automation and remediation process. This will allow for VMDR clients to rapidly detect vulnerabilities wherever they are on the network in tandem with the Mac-capable patching options. Currently, the VMDR solution contains Microsoft patch coverage for Microsoft Office, security, and non-security content.
The Qualys partnership creates a powerhouse of a vulnerability management platform. Ivanti already boasts one of the most extensive patch catalogs, as it claims to secure over 180 million endpoints globally. When combined with the Qualys VMDR program, the ability to patch and secure a network is impressive.
Many vulnerability management platforms seek to integrate more patch management and remediation into their offerings as the two often complement one another. However, the competitive advantage would dictate that it is better to specialize in one area rather than taking the route of a generalist and stretch yourself too thin. By partnering with Ivanti, both Ivanti and Qualys can leverage their strengths and rely on their other half make up any deficits in their offerings. The relationship results in only positives – for Ivanti, for Qualys, and most importantly, for the users who are trying to secure their networks.
Increasingly, strategic partnerships like this give a more comprehensive security overview and leverage specialized expertise rather than going it alone. Additionally, vulnerability management is not being considered as a single entity but as a convergence of both detection and remediation.
By exploiting a five-year-old configuration error, a hacker was able to access Amazon’s S3 cloud storage buckets on which Twilio’s code was loaded. As a result, customers were able to unknowingly download the modified code for twenty-four hours.
Microsoft recently previewed the specific features to tackle data security and risk management for end users with Microsoft Endpoint Data Loss Prevention (DLP) and Double Key Encryption. The reason for the launch? The increasing shift towards a remote work environment and a need to mitigate the accompanying risks.
IBM is changing the terms of its ubiquitous Passport Advantage agreement to remove entitled discounts on over 5,000 on-premises software products, resulting in an immediate price increase for IBM Software & Support (S&S) across its vast customer landscape.
RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.
To bolster and broaden its data privacy capabilities for end users, cyber and data protection vendor Acronis has acquired DLP player DeviceLock. The acquisition aligns with the increasingly prevalent role that data privacy plays in cybersecurity.
Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.
Navigating the vendor risk management space, particularly in the current environment that consists of a mix of cloud, managed services, and critical supply chain, is key to ensuring that you don’t inadvertently introduce new risks through this dynamic channel.
On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.
I recently had the opportunity to speak with Jason Rohlf, VP Solutions, Mark Scheinkoenig, VP Commercial Sales, and Emily Figg, VP Marketing about their GRC solution at Onspring to discuss the product audience and upcoming features.