Home > Research > Qualys Unveils Its New Vulnerability Management, Detection, and Response Matrix

Qualys Unveils Its New Vulnerability Management, Detection, and Response Matrix

Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will hit the public market in March. Debuted at a live demo on February 25 at the Qualys Security Conference 2020 San Francisco, VMDR will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints. The goal is to synergize aspects of endpoint solutions into one application for better management and visibility.

Source: Qualys. Accessed March 17, 2020.

VMDR takes endpoint solutions that can be separate instances and consolidates them into one management cycle. Qualys approaches vulnerability management along with its additional components of threat detection and prioritization, responses and patch management, and asset management. The entire dashboard allows administrators to analyze the riskiest vulnerabilities of the most critical assets first.

VMDR has a few key benefits:

  • It’s all in the cloud. No need for bulky appliances. Everything is in the cloud and ready to run.
  • It’s easy to deploy. Deployment is simple. With an unlimited virtual scanner, you can pin a scanner up and be ready to go in no time.
  • It includes Vulnerability Management (VM). VMDR has the same vulnerability management solution that you have come to know and trust, as well as many other great apps.
  • It saves time and money. Using a single cloud platform saves significant resources and the time required to otherwise install agents and consoles.

VMDR also allows you to see every asset on your network, including the unmanaged assets. This includes assets on your premises, endpoints, cloud assets, containers, operational technology (OT), and Internet of Things (IoT) environments. VMDR assesses these assets from all these vectors and analyzes the exploitable vulnerabilities for patching and remediation. VMDR automates the entire process and accelerates an organization’s ability to respond to, detect, and prevent possible threats

Our Take

Qualys’ VMDR takes four separate entities of IT security and merges them into one cycle. These four aspects flow well into one another, and it only makes sense to have a process that encapsulates them all.

Particularly of note is VMDR’s ability to detect unseen assets on your network. Shadow IT is a common problem for enterprises as they continue to grow. By being able to detect these unauthorized assets and see their vulnerability ratings, a business can make informed decisions as to their merit and/or risk to its IT security program.

VMDR also works to patch the vulnerabilities that have been identified. After prioritizing your vulnerabilities, VMDR works to remediate them. VMDR scans and downloads the latest patch to make sure that your enterprise is always equipped with the latest version. Vulnerability management and patch management are intertwined aspects of IT security. By having these aspects work in tandem within one program, VMDR can expedite the process while providing consistency in your security measures. This reduces the vulnerabilities for an operations team, saving time and effort.

Qualys provides a full list of the VMDR workflow processes on its site. The consolidation of separate programs into one application is great for cutting down asset management and redundancies in your programs array. Qualys will also roll out a free version of the program with some VMDR functionalities to all its existing customers at no extra cost. The pricing is based on a per asset basis, starting at $199 and a minimum of 32 assets. We’ll be following VMDR to see its impact within the vulnerability management market and its emotional footprint for users.


Want to Know More?

Develop and Deploy Security Policies

Build a Vendor Security Assessment Service