Qualys and RSA expand IT-GRC collaboration

Qualys and RSA expanded their technology collaboration to make QualysGuard vulnerability management and IT policy compliance data available to RSA’s client base.

The integration of QualysGuard Policy Compliance with RSA’s Archer GRC Framework is designed to allow organizations to automatically import comprehensive policy compliance scan information and report on misconfigurations identified on their global assets in a single view. They can then assign ownership to individual issues, track remediation efforts or accept the associated business risk.

The Qualys and RSA integration helps enable joint customers to:

• Quickly report on misconfigurations affecting business-critical assets
• Measure technical control effectiveness to corporate security policies
• Map security issues to business applications and roll-up risks across their enterprise
• Access centralized compliance reporting in one central location.

This pre-built integration is available on RSA’s Archer Exchange, an online marketplace supporting enterprise governance, risk and compliance (GRC) initiatives. Companies can download the QualysGuard Policy Compliance integration package and import it into RSA’s Archer GRC Framework with no services or development resources needed.

QualysGuard Policy Compliance allows security managers to collect compliance information from hosts and systems on a global scale. It extends the global scanning capabilities of QualysGuard Vulnerability Management to collect operating system configuration and application access controls from hosts and other assets within the enterprise, and maps this information to user-defined policies in order to accurately document compliance with security regulations and business mandates.