Qualys Unveils TotalCloud 2.0
February 2024 by Marc Jacob
Qualys, Inc. unveiled TotalCloud 2.0. This significant upgrade to Qualys’ AI-powered cloud native application protection platform (CNAPP) delivers a single prioritized view of cloud risk and is the first to extend its protection to SaaS applications.
The shift toward multi-cloud and SaaS environments presents organizations with the opportunity for innovation and agility but also introduces complex security challenges. This has led to the adoption of numerous security tools, each providing different and sometimes conflicting perspectives on the organization’s risk level. Navigating these diverse risks across fragmented environments poses a challenge for organizations, impeding effective risk prioritization, reporting and remediation.
TotalCloud 2.0 with TruRisk Insights provides a single, prioritized view of cloud risk. The solution correlates unique indicators from diverse Qualys sources, such as Cloud Workload Protection (CWP), Cloud Security Posture Management (CSPM), and Cloud Detection and Response (CDR). It combines these with SaaS and infrastructure posture to allow organizations to fix the most harmful threats quickly.
Qualys TotalCloud 2.0 with TruRisk Insights
Qualys TotalCloud 2.0’s enhancements streamline operations by providing:
TruRisk Insights: Singular, Prioritized View of Cloud Risk – TruRisk Insights streamlines the identification of the highest-risk assets. In analyzing anonymized customer data[1], Qualys found 120,000+ internet-accessible cloud workloads, with less than 10% having confirmed vulnerabilities. Qualys TruRisk Insights correlated risk indicators and identified less than 0.3% of workloads with a confluence of suspicious activities, malware, and misconfigurations. This streamlined focus allowed organizations to prioritize critical issues by eliminating 99% of workloads that didn’t require immediate attention. Additionally, TotalCloud 2.0 integrates data from your External Attack Surface Management (EASM) solutions, giving you visibility into how external threats may perceive and target your cloud assets.
Comprehensive Protection for SaaS Applications – Today’s threats extend beyond public cloud into organizations’ critical SaaS applications. Without adequate protection, these applications can serve as entry points for lateral movement into the cloud environment. The recent SEC regulation mandates that all public companies are now obligated to disclose cyber incidents and meet cybersecurity readiness requirements for data stored in SaaS systems. TotalCloud is the first CNAPP solution to incorporate SaaS security posture management (SSPM) ensuring that configurations and permissions in apps like Microsoft 365, Zoom, Slack, Google Workspace, etc. are seamlessly integrated into your overall security posture for enhanced decision making.
Supply Chain Risk Mitigation - TotalCloud effortlessly scans all open-source software pre-and-post deployment across various compute workloads, including containers, utilizing both agent and agentless techniques. This comprehensive approach significantly diminishes supply chain risk by identifying vulnerabilities across multi-cloud environments.
Operationalized Risk Reduction – Streamlines operations and removes silos between IT and security with ITSM integrations. Automatically assign tickets and enable orchestration of remediation with your ITSM tools such as ServiceNow and JIRA to significantly reduce risk and speed mean time to remediation.
- Availability
TotalCloud with TruRisk Insights is immediately available. To sign up for a free trial, visit qualys.com/totalcloud-2-demo. Learn more by reading our blog, Announcing TotalCloud 2.0: The Future of Cloud Security or registering for our thought leadership event, Cyber Risk Series: Cloud Security Edition, moderated by cloud expert, David Linthicum.