Security Risk Reduction:
Risks that threaten the security and availability of networks and applications range from newfound software and operating system vulnerabilities (announced at a rate of 155 a week in 2006) to misconfigurations and errors that easily creep into server, firewall, and end-point settings. Rapid changes within technology, new server and software deployments, and the evolving sophistication of attack methods used to infiltrate systems and steal data create the greatest set of challenges faced by security and IT administrators trying to keep their systems secure and within regulatory compliance.
It's impossible to secure what isn't measured. Without an accurate depiction of your network and the ability to identify real-world security threats and evaluate your organization's ability to respond, there's no way to improve, let alone understand, the true security posture of your infrastructure. More and more, companies seeking to better manage complex threats and increased regulatory demands are enhancing their security efforts by establishing effective and sustainable vulnerability and risk management programs that quantify their security progress to maintain the confidentiality, integrity, and availability of business data and networks.
II. Security Risk Reduction and Continuous Security Risk Improvement:
QualysGuard, from Qualys Inc., is the leading on-demand security risk reduction and compliance management solution. QualysGuard enables businesses of all sizes to strengthen the security of their networks through automated security audits that capture everything they need to quantify and measure their security posture, including the ability to discover and prioritize all network assets; proactively identify and fix security vulnerabilities; manage and reduce business risk; and ensure steady compliance with IT security laws, industry regulations, and internal security policies.
Delivered as an on-demand Web-based service, QualysGuard requires no hardware or software to install or maintain, is deployable in hours, and provides an immediate view of security and regulatory compliance readiness. With more than 150 million IP audits conducted annually, QualysGuard is the most widely deployed on-demand security solution in the world.
This paper details the essential aspects of putting into place a measurable and sustainable vulnerability management program, and demonstrates how QualysGuard automates everything you need along the way.
ESSENTIAL STEP 1: Discover Baseline Network Assets
The first step is to establish an accurate baseline and map of your network. In this stage, each network asset needs to be identified: servers, desktops, notebooks, routers, wireless access points, networked printers, and other connected devices. This baseline provides the foundation for security risk reduction while managing and measuring your vulnerability management program. Your network baseline will continuously change as new servers, applications, and devices are deployed. That's why it's vital to have the ability to update the status of your network as often as needed to have a security risk reduction program.
How QualysGuard Automates Security Risk Reduction:
QualysGuard rapidly detects and identifies all of your networked IT assets: servers, desktops, routers, and other networked devices. QualysGuard makes no assumptions about any aspects of the infrastructure, and identifies all assets and vulnerabilities on all 65,536 ports. The result is a powerful and highly accurate baseline of your network that includes each connected device. The QualysGuard network map can be viewed as a visual representation or as a standard report.
The QualysGuard network map can be used to classify the business value of each device, and to obtain trend information on how well security efforts are improving over time. This powerful representation of your network can also be used to initiate on-demand or pre-scheduled scans to examine the security of each asset or area of your network.