

Faced with an overload of data and alerts from a wide variety of cybersecurity tools, enterprises are increasingly focused on simplifying their security operations. One of the clearest signs of this is the blossoming market for extended detection and response (XDR), a technology that integrates and correlates data from various security tools to help companies prioritize the biggest threats.

The latest cybersecurity vendor to announce a move into the XDR market is Qualys, which offers a cloud-based security platform that provides visibility across a customer’s cloud and on-premises environments as well as endpoints and mobile devices. Key capabilities include providing a full asset inventory along with vulnerability management and patch management on the same platform.

Now, Qualys is uniting all of those capabilities with a new offering, the Qualys Context XDR, which combines the data from the company’s own sensors with feeds from third-party tools.

Reducing complexity

“This is something that’s going to help customers reduce the complexity of multiple tools, and it will help them prioritize alerts and respond faster,” said Sumedh Thakar, president and CEO of Qualys, in an interview with VentureBeat. “That all leads to better security.”

The new Qualys XDR offering comes in response to requests from customers for help with simplifying their security and reducing “alert fatigue,” Thakar said. The offering is now generally available as a module for the Qualys platform.

At present, the Qualys Context XDR has integrations with tools from 40 other vendors, and the company says that more are being added regularly. Among the key integrations at the moment are Okta, Proofpoint, ServiceNow, and Slack. The vendor said it also has a “common functionality” in the works, which “will open this up for nearly everything” that a customer would want to have integrated.

While less than 5% of organizations are using XDR today, that is expected to climb to 40% by 2027, according to a recent report from Gartner. Notably, the XDR space is already getting crowded, with the research firm tallying 19 major players in the space.

XDR vendors listed by Gartner in the report include Check Point, Cisco, CrowdStrike, Cybereason, Microsoft, Palo Alto Networks, Sophos, and VMware. The report also mentions McAfee Enterprise and FireEye, which merged in October and rebranded as Trellix last month, with the stated goal of focusing on the XDR market.

‘Context-aware’ approach

Qualys aims to stand out in the market with a uniquely “context-aware” XDR offering, made possible in part by the platform’s asset inventory, Thakar said.

“Where Qualys has the real advantage is that we have the context of the asset, in terms of the asset inventory. We know, what is this asset running? Is this asset running a database? Is it a web server? Is it running end-of-life software?” he said.

The platform also provides additional context around whether an asset is higher risk, he said, for instance because it is running exploitable vulnerabilities or has configuration issues.

“We don’t know anybody else who’s natively bringing the asset inventory, vulnerability management, patch management, and all of that context together, right in the same XDR solution,” Thakar said.

What the vendor has heard from customers is that “the ability to have the context really helps them triage things much faster,” he said. “Otherwise, you just have huge amounts of logs that are correlated into lots of alerts, but then you miss the context.”

A recent survey from Trend Micro found that enterprises typically have an average of 29 different security tools, while the largest organizations have an average of 46. This has led to an inability to effectively prioritize security alerts, with many tools going unused or underused, according to the survey.

Response actions

With the Qualys XDR, customers get further simplification from the fact that the platform can also be used for patching and other response actions, according to Thakar.

“Many of these XDRs don’t come with the ability to take a response action; they’re more focused on threat detection. So they will tell you, ‘we detected this,’ but then you have to go somewhere else to get the context and then somewhere else to go actually take an action,” he said. “So if the customer is already running the Qualys agent in their environment, now they can use the same agent to patch the system and they can use the same agent to kill a process.”

All in all, the Qualys Context XDR provides customers with “the ability to prioritize so they can respond faster, so that they’re not drowning in alerts, and they’re actually able to prioritize based on the context of the asset,” Thakar said.

“Then they reduce time to respond further by using the same platform to also take response actions,” he said. “All of this really reduces the amount of time the customer is exposed.”

Founded in 1999, Foster City, California-based Qualys is publicly traded with a market capitalization of $4.88 billion as of Monday.