Qualys recently made its Multi-Vector EDR offering generally available. The product takes the idea of endpoint detection and response (EDR) and applies it in a more holistic way that extends beyond the endpoint to provide additional context and insight.
When I first wrote about Qualys Multi-Vector EDR, I described it this way: “Multi-Vector EDR takes the concept of EDR and applies it more broadly to the entire environment. The Qualys Cloud Agent enables organizations to collect valuable telemetry that is sent to the Qualys Cloud Platform for deep analysis in real-time. Qualys Multi-Vector EDR provides comprehensive visibility and protection using a single cloud agent and eliminating the need to run an additional EDR agent on the endpoints.”
Qualys Multi-Vector EDR
EDR has gained significant traction in recent years as a more effective form of endpoint protection. Rather than relying on the ability to identify and block threats, as traditional antimalware solutions do, EDR monitors and records activity to recognize and respond to suspicious or malicious activity. There is no such thing as 100% protection, so it makes sense to view security from the perspective of effective and rapid response instead of the quixotic goal of blocking everything bad from happening in the first place.
Qualys wanted to go a bit farther, though. EDR is, by definition, endpoint-centric. Qualys, however, is focused more broadly on the complete environment. With Multi-Vector EDR, Qualys takes the concept and principles of EDR and applies them to the whole network. Qualys believes that the broader context yields more valuable insight about suspicious or malicious activity, while reducing false positives.
In a press release for the availability of Multi-Vector EDR, Qualys cites three primary benefits of the product:
- Instant, real-time discovery of endpoints and their risk profile for continuous EDR monitoring across the enterprise.
- Prioritization of suspicious activities correlated with external threat intelligence and the context of other security vectors such as exploitable vulnerabilities, misconfigurations, and unapproved applications.
- Multi-tiered response capabilities to mitigate immediate risk and orchestration to natively patch and remediate endpoints to reduce the attack surface.
Qualys Cloud Platform
Organizations employ a variety of tools and processes to manage and monitor the security posture of their networks, applications, and data. Using separate point solutions quickly becomes cumbersome, though. IT teams may need to correlate information from multiple sources, and the variety of software agents necessary can tax the resources of servers and endpoints. One of the primary advantages that Qualys offers is that its solution provides comprehensive coverage—capable of protecting and monitoring the entire network from a single, lightweight agent.
The Qualys Cloud Platform and Qualys Cloud Agent enable vast amounts of IT, security, and compliance data to be collected and correlated. According to Qualys, the unified, holistic approach makes it easier for IT admins to administer all of their tools in one place without adding unnecessary complexity.
Infosys Cyber Next Platform
Qualys also recently announced that Infosys is integrating Qualys VMDR and Multi-Vector EDR into its Cyber Next Platform. Leveraging the Qualys solutions enables Infosys to enhance support for real-time detection of and response to security incidents for its managed service customers.
“We are pleased to partner with Qualys to deliver VMDR and Multi-Vector EDR solutions via our global distributed network of Infosys Cyber Defense Centers,” said Vishal Salvi, chief information security officer & head, Cyber Security Practice, Infosys in a press release. “The highly scalable Qualys Cloud Platform, with its lightweight agent, sensors and its forthcoming incidence response capabilities, provides us with intelligent analytics that we need to effectively protect our clients. This functionality strengthens our Cyber Next platform powered services to provide deep visibility and actionable insights, thereby assuring digital trust.”