Qualys unveils TruRisk Eliminate to streamline cybersecurity
Qualys has announced the launch of Qualys TruRisk Eliminate, a comprehensive remediation solution designed to address cybersecurity vulnerabilities beyond traditional patch management.
The new platform is set to provide innovative remediation methods when patching is not feasible, including patchless patching, targeted isolation, and other mitigation strategies aimed at ensuring robust protection.
Melinda Marks, practice director of cybersecurity at Enterprise Strategy Group, highlighted the challenges faced by organisations in vulnerability management.
She stated, "Although patching is an essential part of vulnerability management to mitigate risk, there are some use cases where it isn't possible, or doing so requires outages or downtime that can impact operations. In some cases, such as new exploits or zero-day vulnerabilities, a patch may not even be available."
Qualys aims to address these challenges with TruRisk Eliminate. The platform augments its existing vulnerability management capabilities by integrating new methods to efficiently mitigate risk without solely relying on patches. Marks added, "Now with TruRisk Eliminate, Qualys augments its vulnerability management capabilities with an innovative solution to efficiently mitigate risk with patchless approaches to remediating vulnerabilities, helping security teams better align with and support business operations."
Sumedh Thakar, president and CEO of Qualys, commented on the broader impact of the new platform. "Five years ago, Qualys disrupted the vulnerability management space with integrated patch management to help organisations streamline and accelerate threat remediation. Now, we're taking the next step with TruRisk Eliminate, offering businesses innovative ways to mitigate risk even when patching isn't an option," said Thakar. "With TruRisk Eliminate, we provide enterprises with peace of mind through powerful solutions that address their most pressing threats and ultimately de-risk their businesses."
Qualys TruRisk Eliminate equips security and IT teams with tools to address critical vulnerabilities, either through patching or alternative methods. The platform is designed to reduce friction in current processes, thereby enabling Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) to effectively reduce risk. It also streamlines the response to cyber threats by offering more flexibility and options tailored to an organisation's unique operational needs, remediation timelines, and business objectives.
The platform introduces TruRisk Mitigate, which deploys advanced risk mitigation controls based on the recommendations of vendors, the Cybersecurity and Infrastructure Security Agency (CISA), and the Qualys Threat Research Unit. It involves implementing configuration changes via advanced scripting for both Linux and Windows environments.
Additionally, TruRisk Isolate is introduced to empower teams to proactively quarantine risky assets, thereby preventing security incidents from spreading within the network. This proactive approach contrasts with the traditional method of quarantining assets post-incident through Endpoint Detection and Response (EDR) systems.
The solution integrates well with existing IT operations and ticketing workflows, leveraging out-of-the-box integrations with IT Service Management (ITSM) tools such as ServiceNow and JIRA.
This integration aims to drive patching, mitigation, and isolation processes directly through existing IT operations in a manner fully integrated with Qualys Vulnerability Management, Detection and Response (VMDR), and Patch Management.
The integrated Qualys Qflow capability automates complex, multi-decision risk remediation tasks. This feature can execute mitigations for CISA Known Exploited Vulnerabilities (KEVs) when patches are unavailable and allows for the unquarantining of high-risk assets only upon the closing of vulnerabilities.
Qualys' new platform is also designed to help organisations meet compliance requirements by offering coverage for nearly 100% of CISA Known Exploited Vulnerabilities and ransomware vulnerabilities, both with and without patches. This approach aims to balance business continuity with risk reduction.
Qualys TruRisk Eliminate is anticipated to be available in September. The launch was announced at the Black Hat 2024 conference, where Qualys demonstrated the platform's functionality to potential users.