Qualys has announced that it is expanding its endpoint security solution, adding the ability to detect and block advanced threats in real time. This expansion adds to the Qualys Cloud Agent’s comprehensive capabilities of inventory, vulnerability management, patching and endpoint detection and response (EDR).
Traditional EDR/EPP solutions focus only on malicious activities, and risk mitigation solutions focus on vulnerabilities and patch management. This approach does not provide a complete picture of the environment, its attack surfaces, and the weaknesses that cybercriminals can exploit, and it doesn’t provide the ability to natively remediate the root cause of most cyberattacks: unpatched vulnerabilities. Qualys removes these blind spots by combining risk mitigation, threat detection and response into a single solution.
“Malicious attacks are growing in sophistication and volume year over year and security teams need a combination of proactive protection against known malware and the ability to identify and respond to new unknown threats quickly,” said Michael Suby, Vice President of research at IDC. “Qualys Multi-Vector EDR with endpoint protection brings together multiple context vectors, a unified, always updated view of the entire attack chain, and the ability to block threats giving security teams a broader, seamlessly integrated approach to endpoint security that delivers holistic prevention, protection, detection and response.”
Qualys Multi-Vector EDR with malware protection combines the technologies required to stop attacks, threats, and breaches. It delivers real-time detection and response to remove malicious files and processes, leverages comprehensive threat intelligence to detect advanced threats, and maps endpoint activity to the MITRE ATT&CK tactics and techniques.
Qualys Multi-Vector EDR adds anti-malware protections to:
- Automatically Quarantine Malware – actively scan all system files including incoming files for malware and automatically quarantine infected files.
- Detect Advanced Threats – monitor active applications and processes for malicious behaviour to protect against new and unknown malware variants.
- Prevent Memory Exploitation – monitor system processes to protect against memory exploitation used by zero-day threats and file-less attacks.
- Stop Malicious Traffic – scan incoming emails and web traffic in real time to protect against brute-force attacks, network exploits and password theft.
- Prevent Phishing – automatically block known phishing web links to keep users and networks secure.
“Qualys Multi-Vector EDR leverages the power of the Qualys Cloud Platform and Cloud Agent to correlate billions of global events with threat intel, analytics and machine learning to provide holistic visibility, protection and response to cyberthreats across global hybrid environments,” said Sumedh Thakar, president and CEO at Qualys. “With the addition of real-time blocking protection, the Qualys Cloud Agent can now help organisations eliminate multiple agents from their endpoints thus drastically reducing complexity and cost.”
Qualys Multi-Vector EDR with endpoint protection is available via a public beta for Windows endpoints and will be generally available in late May.