Bringing security into IT and application infrastructures

In this podcast recorded at Black Hat USA 2016, Chris Carlson, VP of Product Management, Cloud Agent Platform at Qualys, talks about a new trend in bringing security into IT and application infrastructures, as well as working with the DevOps team for increased security.

A lot of security is built on security in-depth, layers of security, bringing the end prevention capabilities. Since the threat landscape, techniques and adversaries are changing quickly, sometimes prevention doesn’t work and you need to be able to restore your capabilities. The question is: how can we build the concept of protection into the IT and application infrastructure?

Qualys Cloud Agent extends your security throughout your global enterprise. These lightweight agents (3MB) are remotely deployable, centrally managed, self-updating and consume very little CPU resource (5% at peak to less than 2% in normal operation). They collect the data and automatically beam it up to the Qualys Cloud Platform, which has the computing power to continuously analyze and correlate the information in order to help you identify threats and eliminate vulnerabilities.

Additionally, using the Qualys asset tagging solution, assets with deployed agents can automatically or manually provide attribute updates to the Qualys Cloud Platform such as the asset group, business owner, technical owner and criticality of the device.

Qualys provides continuous Vulnerability Assessment services for Microsoft Azure virtual assets from within Azure Security Center’s unified security management and monitoring service. This integration allows Qualys customers to easily and automatically scan their Microsoft Azure environments, and incorporate those findings into their overall single view of security and compliance posture.