|
Network security professionals are besieged by a nonstop flood of new software vulnerabilities, easy-to-get hacker toolkits, and an army of technology criminals eager to exploit network weaknesses for fun or profit. And despite defensive efforts with firewalls, intrusion detection, antivirus and the like, criminals, careless employees and contractors have exposed more than 158 million digital records of consumers’ personally identifiable information since 2005. Clearly, a more comprehensive defense-in-depth strategy is required. Core to this approach, security professionals are turning to continuous vulnerability management to find and quickly fix weaknesses in network security, and to document compliance with security and consumer privacy regulations. This security guide describes these requirements and on demand software-as-a-service (SaaS) solution called QualysGuard for effective vulnerability management and policy compliance.
Critical Need for Stronger Network Security
The risk of malicious attacks has never been higher for organizations that do not use vulnerability management to control software or configuration holes in the network. Successful exploits by hackers and criminals use viruses, worms, rootkits, phishing or other automated attack techniques in order to leverage vulnerabilities in unpatched devices and misconfigured systems.
Fallout from a successful network breach includes immediate, direct costs of repairing damage to enterprise data, systems, software and networks. Organizations may also suffer IT business system downtime, stolen intellectual property or personally identifiable information of employees, contractors and customers; exposure of business strategies or product plans; regulatory, civil or criminal penalties for non-compliance; lawsuits from customers and business partners; loss in product market share; loss in value of public stock equity; difficulty in securing new financing; and loss of trust by customers and business partners. Prudent organizations control these risks by using vulnerability management to plug holes and strengthen network security.
Recent Breaches and Data Exposure
TJX Companies exposed 45,700,000 credit card and debit card account numbers, and 455,000 records with customers’ name and driver’s license number.
DSW Inc. exposed 1,400,000 customer credit card, debit card and checking account information.
CardSystems Solutions, Inc. exposed 40,000,000 credit card records with names, banks and account numbers.
Chicago Voter Database exposed 1,350,000 voter Social Security numbers and birthdates. University of California – Los Angeles exposed 800,000 current and former student, faculty and staff records of name, Social Security number, home address and contact information.
QualysGuard – SaaS-based Vulnerability Management for Stronger Security and Verification of Compliance
QualysGuard uses a software-as-a-service delivery model to automate workflow of vulnerability and compliance management. Automation is a requirement because attacks are continuous – the result of technology that automatically mutates an assault until it finds a hole that works. The SaaS secure architecture allows QualysGuard to be available for use 24x7 as often as required, scaling to any-sized network, anywhere in the world. QualysGuard allows organizations to: Discover and manage all devices and applications on the network By simply entering a range of IPs to be scanned into QualysGuard, it will automatically identify and map every device on all 65,536 ports in the network. The resulting map helps classify and prioritize each asset by business value. Its database can then be used on demand to identify vulnerabilities affecting specific machines by policy and configuration.
Identify and remediate network security vulnerabilities
QualysGuard automatically scans IPs on your network and matches their state to the industry’s largest KnowledgeBase of vulnerability signatures, updated daily for Six Sigma accuracy. QualysGuard classifies and categorizes each vulnerability discovered on your network. Remediation workflow includes a prioritized to-do list based on IT asset values and vulnerability criteria. Qualys- Guard provides links to patches, fixes and workarounds for all vulnerabilities. Measure and manage overall security exposure
Comprehensive, easy-to-understand reports quantify enterprise security posture. Technical reports guide vulnerability management and remediation. Executive dashboards present security posture in laymen’s terms for non-technical managers and executives.
Ensure compliance with internal policies and external regulations QualysGuard automatically generates reports documenting compliance with security scanning requirements of many laws, regulations and auditors, including PCI, HIPAA, GBLA, Sarbanes-Oxley, SB 1386, FISMA, the European Directive, and internal policies.
QualysGuard Benefits Ease of Deployment
Deploying QualysGuard is simple. Vulnerability scans and management require no special hardware or software. A standard web browser allows administrators to run role-based scans, view findings, operate remediation workflow and download patches.
|
