Qualys Threat Protection.

Pinpoint your most critical IT security threats and prioritize patching.

Industry-leading cloud service for taking full control of evolving threats and identifying what to remediate first

Qualys not only highlights and ranks the vulnerabilities, but also makes precise recommendations for how best to remediate them – a critical advantage for teams in smaller business units that may have limited IT security resources.
John Bruylant Group CTO at Sodexo

Prioritize vulnerability remediation with automated and streamlined analysis

An introduction (01:36)

Demo: Search for a critical exploit (02:49)

Demo: Responding to a suspicious device (03:26)

Qualys Threat Protection Highlights

Robust data analysis

Threat Protection continuously correlates external threat information against your vulnerabilities and IT asset inventory, leveraging Enterprise TruRisk Platform’s robust back-end engine to automate this large-scale and intensive data analysis process. With thousands of vulnerabilities disclosed annually, you’ll always know which ones pose the greatest risk to your organization at any given time.

The Live Feed

As Qualys engineers continuously validate and rate new threats from internal and external sources, Threat Protections’s Live Threat Intelligence Feed displays the latest vulnerability disclosures and maps them to your impacted IT assets. You can see the number of assets affected by each threat, and drill down into asset details.

Centralized control and visualization panel

A single, dynamic dashboard includes customizable views, graphs and charts giving you a clear and comprehensive view of your threat landscape at a glance in real time. You can create multiple dashboard views, and break down vulnerabilities by real-time threat indicator (RTI) types, such as zero-day exploits.

Powerful search function

Threat Protection’s search engine lets you look for specific assets and vulnerabilities by crafting ad hoc queries with multiple variables and criteria. You can sort, filter, drill down and fine-tune results. Queries can be saved and turned into dashboard widgets, which can display trend graphs for up to 90 days.

Qualys Threat Protection: Summary view | Qualys

Mesh your IT asset inventory data with threat information

Threat Protection continuously correlates external threat data with vulnerability gaps in your IT environment, so your remediation prioritization decisions are rooted in concrete, up-to-date, applicable data, not in guesswork or arbitrary schedules. That way, you’ll stay a step ahead of hackers, patching bugs before bad guys exploit them.

Leverages the comprehensive IT asset cataloging of Qualys Global AssetView and the Six Sigma vulnerability detection accuracy of Qualys VMDR.
Lets you prioritize remediation with precision and nimbleness in a continual, contextual and automated manner, so the constant stream of bug disclosures don’t overwhelm you
Connects the dots and flags at-risk IT assets wherever they reside – on premises, in cloud environments or at mobile endpoints
Helps improve the efficiency of DevOps teams by bringing threat prioritization clarity into the application development and deployment lifecycle
Gives you a dynamic snapshot of all the vulnerabilities that exist in your IT environment at any given moment
Using actionable intelligence, allows you to assess how critical certain threat scenarios are in your organization’s specific context, since every IT environment is different

Qualys Threat Protection: Summary view | Qualys

Qualys Threat Protection: Asset view | Qualys

Look for specific assets and vulnerabilities

Threat Protection’s search engine gives you a powerful tool to look for specific assets and vulnerabilities. You can quickly and proactively identify systems across your entire environment exposed to specific threats, and take remediation steps right away. The search syntax is intuitive and the product has a query auto-complete feature. Threat Protection’s search engine lets you:

Craft ad hoc queries with multiple variables and criteria – such as asset class, vulnerability type, RTI, tag and operating system – so you can, for example, look for all vulnerabilities that have a severity rating of “5”, are easy to exploit and were disclosed within the last five days
Sort, filter and refine search results
Save any search, download results and share them
Turn queries you run regularly into permanent dashboard widgets whose information is dynamically updated in real time

Qualys Threat Protection: Asset view | Qualys

Qualys Threat Protection: LIve Feed view | Qualys

See a live feed of vulnerability disclosures

Threat Protection’s Live Threat Intelligence Feed keeps organizations up to date on the latest vulnerabilities and news, so you’re informed about new disclosures and about existing bugs whose risk severity has increased.

Plugs into the fire hose of external vulnerability disclosures, so you’re aware of the latest threats out in the wild
Displays how many of your IT assets are impacted by each disclosure, thanks to the product’s powerful data correlation capabilities.
Segments its content into different columns, including one for “high rated” items Qualys flags and another one for your handpicked “favorites” that you can pin to the feed UI
Lets you click on feed entries and drill down into details and more granular information of a particular vulnerability and of the affected IT assets
Allows you to fine-tune and narrow down the feed list by filtering and sorting items according to a variety of criteria, and download that set for remediation teams

Qualys Threat Protection: LIve Feed view | Qualys

Qualys Threat Protection: Widget wizard | Qualys

Identify and weigh characteristics that intensify a vulnerability’s danger

Threat Protection appends real-time threat indicators (RTIs) to vulnerabilities, tapping findings from Qualys and external sources. Combining this threat data with internal criteria, such as an asset’s role, helps you prioritize remediation. For example, you can see all RTIs for vulnerabilities on a host, and drill down to specific vulnerabilities behind an RTI. Threat Protection RTIs include:

ZERO DAY – Vulnerabilities for which there is no vendor patch available and for which an active attack has been observed in the wild
PUBLIC EXPLOIT – Vulnerabilities whose exploit knowledge is well known and for which exploit code exists and is publicly available
ACTIVELY ATTACKED – Vulnerabilities that are being actively attacked in the wild
HIGH LATERAL MOVEMENT – Vulnerabilities that, if compromised, let the attacker propagate the attack broadly throughout the breached network
EASY EXPLOIT – Vulnerabilities that can be exploited easily, requiring few skills and little knowledge
HIGH DATA LOSS – Vulnerabilities whose exploit will yield massive data loss
DENIAL OF SERVICE – Vulnerabilities whose payload could overload or crash the compromised systems so that they become permanently or temporarily unavailable
NO PATCH – Vulnerabilities for which there isn’t a fix from the vendor
MALWARE – Vulnerabilities associated with malware infection
EXPLOIT KIT – Vulnerabilities for which an exploit kit is available

Qualys Threat Protection: Widget wizard | Qualys

Qualys Threat Protection: Dashboard view | Qualys

Centrally control and visualize the IT threat prioritization process

Customizable dashboards with dynamic widgets help you see your threat landscape in a holistic, consolidated way. You can drill down on the data, mine it for patterns, slice and dice it, aggregate it in custom reports and represent it graphically. This visualization and analysis yields deep insights for patch prioritization.

Includes a view for the live feed, as well as a variety of widgets based on RTIs, in the default dashboard setup
Allows you to create customized dashboards tailored for different IT and business roles
Lets you click through and access more information about the assets flagged as vulnerable
Allows you to create dashboard widgets manually or from any search query
Lets you set specific thresholds for widget data, and trigger certain actions in response, such as the widget’s background color changing from green to red
Sends you notifications when used in conjunction with Qualys Continuous Monitoring
Generates reports that you can quickly and easily share across the IT department with those responsible for patching the affected systems
Displays trend indicators in widgets, showing data fluctuations over time

Qualys Threat Protection: Dashboard view | Qualys

Powered by Enterprise TruRisk Platform

Single-pane-of-glass UI

See the results in one place, in seconds. With AssetView, security and compliance pros and managers get a complete and continuously updated view of all IT assets — from a single dashboard interface. Its fully customizable and lets you see the big picture, drill down into details, and generate reports for teammates and auditors. Its intuitive and easy-to-build dynamic dashboards to aggregate and correlate all of your IT security and compliance data in one place from all the various Qualys Cloud Apps. With its powerful elastic search clusters, you can now search for any asset – on-premises, endpoints and all clouds – with 2-second visibility.

Centralized & customized

Centralize discovery of host assets for multiple types of assessments. Organize host asset groups to match the structure of your business. Keep security data private with our end-to-end encryption and strong access controls. You can centrally manage users’ access to their Qualys accounts through your enterprise’s single sign-on (SSO). Qualys supports SAML 2.0-based identity service providers.

Easy deployment

Deploy from a public or private cloud — fully managed by Qualys. With Qualys, there are no servers to provision, software to install, or databases to maintain. You always have the latest Qualys features available through your browser, without setting up special client software or VPN connections.

Scalable and extensible

Scale up globally, on demand. Integrate with other systems via extensible XML-based APIs. You can use Qualys with a broad range of security and compliance systems, such as GRC, ticketing systems, SIEM, ERM, and IDS.

Learn more about Enterprise TruRisk Platform

See for yourself. Try Qualys for free.

Start your free trial today. No software to download or install. Email us or call us at 1 (800) 745-4355.

Platform
- | Platform
- Overview
- Enterprise TruRisk Platform
  Everything you need to measure, manage, and reduce your cyber risk in one place.
- Capabilities
- All
  - | Platform
  - Asset Management
  - CyberSecurity Asset Management (CSAM)
    See entire attack surface, continuously maintain your CMDB, and track EOL/EOS software
    
    External Attack Surface Management (EASM)
    Gain an attacker’s view of your external internet-facing assets and unauthorized software
  - Vulnerability & Configuration Management
  - Enterprise TruRisk Management (ETM) ^NEW
    Consolidate & translate security & vulnerability findings from 3rd party tools
    
    TotalAI ^NEW
    Holistic AI security with vulnerability assessment and protection
    
    Vulnerability Management, Detection & Response (VMDR)
    Discover, assess, prioritize, and patch critical vulnerabilities up to 50% faster
    
    Enterprise TruRisk Management (ETM)
    Consolidate & translate security & vulnerability findings from 3rd party tools
    
    Web App Scanning (WAS)
    Automate scanning in CI/CD environments with shift left DAST testing
    
    API Security
    Scan REST/SOAP APIs & check API compliance with shift-left API testing
  - Risk Remediation
  - TruRisk Eliminate (TE) ^NEW
    Address critical vulnerabilities with flexible, patchless solutions
    
    Patch Management (PM)
    Efficiently remediate vulnerabilities and patch systems
    
    Custom Assessment and Remediation (CAR)
    Quickly create custom scripts and controls for faster, more automated remediation
  - Threat Detection & Response
  - Multi-Vector EDR
    Advanced endpoint threat protection, improved threat context, and alert prioritization
    
    Context XDR
    Quickly create custom scripts and controls for faster, more automated remediation
  - Compliance
  - Policy Compliance
    Reduce risk, and comply with internal policies and external regulations with ease
    
    File Integrity Monitoring (FIM)
    Reduce alert noise and safeguard files from nefarious actors and cyber threats
  - Cloud Security
  - TotalCloud (CNAPP)
    Cloud-Native Application Protection Platform (CNAPP) for multi-cloud environment.
    
    Cloud Security Posture Management (CSPM)
    Continuously discover, monitor, and analyze your cloud assets for misconfigurations and non-standard deployments.
    
    Infrastructure as Code Security (IaC)
    Detect and remediate security issues within IaC templates
    
    SaaS Security Posture Management (SSPM)
    Automate the process of managing your SaaS apps, including global settings, user privileges, licenses, files, and their security and compliance posture.
    
    Cloud Workload Protection (CWP)
    Detect, prioritize, and remediate vulnerabilities in your cloud environment
    
    Cloud Detection and Response (CDR)
    Continuous real-time protection of the multi-cloud environment against active exploitation, malware, and unknown threats.
    
    Kubernetes and Container Security (KCS)
    Discover, track, and continuously secure containers – from build to runtime
- Asset Management
  - | Platform
  - Asset Management
  - CyberSecurity Asset Management (CSAM)
    See entire attack surface, continuously maintain your CMDB, and track EOL/EOS software
    
    External Attack Surface Management (EASM)
    Gain an attacker’s view of your external internet-facing assets and unauthorized software
- Vulnerability & Configuration Management
  - | Platform
  - Vulnerability & Configuration Management
  - Enterprise TruRisk Management (ETM) ^NEW
    Consolidate & translate security & vulnerability findings from 3rd party tools
    
    TotalAI ^NEW
    Holistic AI security with vulnerability assessment and protection
    
    Vulnerability Management, Detection & Response (VMDR)
    Discover, assess, prioritize, and patch critical vulnerabilities up to 50% faster
    
    Enterprise TruRisk Management (ETM)
    Consolidate & translate security & vulnerability findings from 3rd party tools
    
    Web App Scanning (WAS)
    Automate scanning in CI/CD environments with shift left DAST testing
    
    API Security
    Scan REST/SOAP APIs & check API compliance with shift-left API testing
- Risk Remediation
  - | Platform
  - Risk Remediation
  - TruRisk Eliminate (TE) ^NEW
    Address critical vulnerabilities with flexible, patchless solutions
    
    Patch Management (PM)
    Efficiently remediate vulnerabilities and patch systems
    
    Custom Assessment and Remediation (CAR)
    Quickly create custom scripts and controls for faster, more automated remediation
- Threat Detection & Response
  - | Platform
  - Threat Detection & Response
  - Multi-Vector EDR
    Advanced endpoint threat protection, improved threat context, and alert prioritization
    
    Context XDR
    Quickly create custom scripts and controls for faster, more automated remediation
- Compliance
  - | Platform
  - Compliance
  - Policy Compliance
    Reduce risk, and comply with internal policies and external regulations with ease
    
    File Integrity Monitoring (FIM)
    Reduce alert noise and safeguard files from nefarious actors and cyber threats
- Cloud Security
  - | Platform
  - Cloud Security
  - TotalCloud (CNAPP)
    Cloud-Native Application Protection Platform (CNAPP) for multi-cloud environment.
    
    Cloud Security Posture Management (CSPM)
    Continuously discover, monitor, and analyze your cloud assets for misconfigurations and non-standard deployments.
    
    Infrastructure as Code Security (IaC)
    Detect and remediate security issues within IaC templates
    
    SaaS Security Posture Management (SSPM)
    Automate the process of managing your SaaS apps, including global settings, user privileges, licenses, files, and their security and compliance posture.
    
    Cloud Workload Protection (CWP)
    Detect, prioritize, and remediate vulnerabilities in your cloud environment
    
    Cloud Detection and Response (CDR)
    Continuous real-time protection of the multi-cloud environment against active exploitation, malware, and unknown threats.
    
    Kubernetes and Container Security (KCS)
    Discover, track, and continuously secure containers – from build to runtime
Solutions
- | Solutions
- Use Cases
- Risk Operations Center ^NEW
- Endpoint Security
- Compliance
- PCI Compliance
- Cloud Security
- DevOps
- Threat Protection
- Software Supply Chain Risk
- NIS2
- Segments
- Small Business
- Mid-Sized Business
- Enterprise
- Public Sector
Customers
- Customers
- Overview
- Best Practices
- Success Stories
- Testimonials
Resources
- | Resources
- Resources
- Resources Library
- Product Tours
- Blog
- Webinars
- Qualys Stream
- Research
- Threat Research Unit
- Security Alerts
- Security Advisories
Support
- Support
- Support Portal
- Free Training
- Documentation
- Community Discussions
- Knowledgebase
- Release Notes
- Release Notifications
More
- | More
- Partners
- Overview
- Partner Program
- VAD Partners
- VAR Resellers
- MSP/MSSP Partners
- Integration Partners
- Partner FAQs
- Find Partner
- Company
- About Us
- Our Team
- Investor Relations
- News
- Awards
- Events
- Careers
Community
- Community
- Overview
- Discuss
- Blog
- Training
- Docs
- Resources
Login
Contact Us
- Contact Us
- Chat with Us
- Schedule a Demo
- +1800 745 4355
- Request a call or Email
- Global Offices with Contacts
Try Now