Qualys, Inc., a pioneer and leading provider of revolutionary cloud-based IT, security, and compliance solutions, today introduced Qualys Context XDR, the first context-aware XDR in the industry. The solution, which is powered by Qualys' highly scalable Cloud Platform, combines detailed asset inventory and vulnerability context, network and endpoint telemetry from Qualys sensors, high-quality threat intelligence, and third-party log data to swiftly identify threats and decrease alert fatigue.
Detecting and responding to cybersecurity attacks with siloed solutions that provide a narrow perspective makes it stressful to protect environments against an overwhelming and continuously developing threat landscape. Current SIEM and XDR solutions collect heterogeneous, unrelated logs passively and reactively, resulting in an avalanche of alerts that place the duty of correlation and prioritization on the analyst. To operate an adequate security, risk, and compliance program, incident response and threat hunting teams require an accurate, comprehensive picture of their attack surface.
"Attack surface complexity and diversity requires security teams to implement risk assessment strategies that help focus their limited resources on the critical assets most vulnerable to attack," said Dave Gruber, principal analyst for Enterprise Security Group. "Leveraging a single agent, the Qualys platform combines security risk posture data with native endpoint telemetry, and threat intelligence to align threat investigation and response activities with the most critical assets."
"Cybersecurity operators need risk awareness to prioritize the alerts, incidents, and threats bombarding our teams. Far too often, SIEM and XDR solutions deliver the data and expect us to make sense of it. However, true telemetry is so much more than just data. The ultimate goal is to integrate, correlate, and transform the data to provide meaningful context and actionable insights. Combining next-gen technology, such as Qualys, with our people and processes helps us proactively keep our clients resilient in the face of ever-evolving threats,"
said John Ayers, vice president of Advanced Detection at Optiv.
Qualys Context XDR offers the security context that operations teams require to avoid false positives and noise by triangulating risk posture, asset criticality, and threat information. This gives teams visibility, context priority, and relevant insights into assets, allowing them to rapidly make the most impactful decisions for increased protection. A vulnerability actively exploited by malware on an executive's computer or a susceptible server, for example, poses a greater danger to the organization than a system in a test environment and necessitates rapid action.
The Qualys Cloud Platform, which processes more than 10 trillion data points, collects IT, security, and compliance telemetry utilizing several native sensors and third-party logs to provide a broader perspective across worldwide networks. Qualys Context XDR takes advantage of this information, as well as the platform's cloud agent response capabilities – such as patching, fixing misconfigurations, killing processes and network connections, and quarantining hosts – to comprehensively remediate threats and boost the productivity of time-pressed security analysts.