Qualys has announced Multi-Vector EDR 2.0 with additional threat-hunting and risk mitigation capabilities improving alert prioritisation and reducing the time needed to respond to threats.
“Traditional EDR products solely focus on detecting threat activity on the endpoint, but what organisations want is to mitigate overall security risk to avoid attacks,” said Sumedh Thakar, President and CEO of Qualys. “By combining Qualys Multi-Vector EDR with VMDR and patch management, Qualys helps organisations focus on eliminating the riskiest threats quickly while strengthening their cyber resilience.”
Security practitioners are inundated with alerts, which burdens them to prioritise the ones that represent the riskiest threats, wastes their valuable time, and exposes their organisations to increased risk. Yet, traditional endpoint detection and response (EDR) solutions still focus solely on endpoint activity to detect attacks and incorporate only MITRE ATT&CK techniques – not tactics. As a result, practitioners are forced to rely on additional tools to improve their cyber risk posture leading to slow and incomplete threat remediation actions. EDR needs to evolve to scale and provide more meaningful threat context, in near real time, to meet the challenges of the modern threat landscape.
The updated Qualys Multi-Vector EDR operationalises MITRE ATT&CK tactics and techniques allowing security practitioners to quickly analyse and respond to threats. Additionally, the Qualys Cloud Platform’s extended prediction and prevention capabilities provide orchestrated access to multiple context vectors including asset criticality, vulnerabilities, system misconfigurations, and recommended patches via a single agent and unified dashboard.
Qualys Multi-Vector EDR’s comprehensive approach prevents future attacks by identifying and eliminating vulnerabilities exploited by malware. Through native integration with Qualys VMDR, practitioners can pivot from a single malware incident, such as Conti, to identifying all assets susceptible to CVEs associated with the malware and then patch via Qualys Patch Management.
Qualys Multi-Vector EDR provides:
- Comprehensive Threat Response – the solution leverages dynamic analysis from MITRE ATT&CK Threat Context Mapping and the rich Qualys Cloud Threat Database to prioritize threat response and improve the remediation of vulnerabilities and system misconfigurations.
- Holistic Multi-Vector Security – Native integration with other Qualys Cloud Platform apps provides the risk posture and rich asset criticality context that eliminates the blind spots of stand-alone EDR solutions while also improving remediation and response times.
- Easy to Deploy, Use and Manage – Organizations can enable EDR with one click on a single agent providing asset inventory and vulnerability risk context along with patch management to comprehensively reduce the risk of compromise.
Qualys successfully participated in its first year of MITRE Engenuity Evaluations, round 4. Its Multi-Vector EDR detected the simulated adversary throughout the attack chain. Overall, the solution detected 100% of the tested steps and returned 74% visibility into the entire attack chain. The results attest to how Multi-Vector EDR leverages the Qualys Cloud Platform to sift through the noise to surface the data that matters most to the security team while also providing detections throughout the attack.
Discussion about this post