Qualys recently announced the expansion of its CyberSecurity Asset Management to include identification of unmanaged and untrusted devices in real-time. By engaging the capabilities of the Qualys Cloud Agent, the system perpetually monitors network activity, employing a passive discovery approach that enhances scans, agents, and API-based discovery methods. This results in a comprehensive asset inventory, the ability to calculate the 'TruRisk' of each asset and implement risk elimination measures based on business impacts.

According to reports, 69% of organisations have faced a cyberattack which resulted from the exploit of an unknown or unmanaged asset that could be anything - from software, cloud-based workloads to user accounts and Internet of Things (IoT) devices. To tackle such security threats, Qualys has now improved its Cloud Agent to offer passive sensing. This empowers security teams to defend against threats originating from within the internal network, with no disruption to operations.

This passive sensing adds a new dimension to Qualys CyberSecurity Asset Management's capabilities, solidifying its position as an industry leader in managing internal and external attack surfaces. Customers using Qualys Cloud Agents for network surveillance have reported an average 34% increase in the identification of unmanaged and untrusted assets, which enhances their vulnerability management programs with essential business context and risk evaluations.

Gary Bowen, director of Security Operations at Brown & Brown Insurance, remarked on the impact of the new functionality. He said, "The Qualys Cloud Agent passive sensor has proven to be a game-changer, providing us with unparalleled visibility and immediate insights across our hybrid IT and OT domains, all without the complexities of identifying optimal locations for network taps. By helping to eradicate blind spots, this passive sensing capability empowers our security teams to identify and address potential risks the moment they arise, offering a comprehensive view of cyber risk across our entire attack surface."

Qualys CyberSecurity Asset Management's passive sensing provides organisations with complete internal attack surface coverage, laying the foundation for Zero Trust Security Architecture. It proactively identifies unauthenticated or otherwise untrusted devices connected to the network in real time, providing an accurate cyber risk assessment without incurring extra costs or needing additional resources. It also boosts CMDB accuracy and coverage by adding newly discovered assets to the configuration management database (CMDB), empowering IT with total visibility to manage asset inventory lifecycle and mitigate cyber risk.

Qualys CEO Sumedh Thakar noted how the addition of passive discovery to Qualys' deployed Cloud Agents offers organisations a unique attack surface coverage expansion that requires no extra overheads or resources. He said, "Bringing significantly more visibility to unknown devices as part of their risk management programs, CISOs now have an ace-in-the-hole to defend against shadow IT, a huge step as organisations move toward a Zero Trust Security Architecture."

The company announced that Qualys Cloud Agent Passive Sensor is now available as part of its CyberSecurity Asset Management application.