The UK’s National Cyber Security Centre (NCSC) has recently released a guidance recommending patching vulnerabilities for internet-facing services and software within five days and non-external-facing vulnerabilities within seven days.
To help organisations achieve this, Qualys, a provider of cloud-based IT, security, and compliance solutions, has announced it will be offering free 30-day access to the Qualys Enterprise TruRisk Platform.
This will aid organisations in efficiently discovering and classifying internet-facing and internal-facing assets and prioritising vulnerabilities for swift and safe remediation, aligning with the NCSC guidance.
This helps several organisations, as many find it challenging to discover all their assets, specifically internet-facing, efficiently measure and prioritise the risk and remediate it. Anonymised customer data from the Qualys Threat Research Unit (TRU) indicates the average organisation’s median time to remediate (MTTR) was 29 days. In contrast, the median time to weaponise (MTTW) was seven days.
“Given the rate at which adversaries are weaponizing vulnerabilities, it is almost impossible for most organizations, with their complex infrastructures and patch workflows, to keep up,” said Hadi Jaafarawi, Managing Director, Middle East, Qualys. “By offering the Qualys Enterprise TruRisk Platform free for 30 days, organizations can avail of a solution that streamlines asset discovery, takes the guesswork out of understanding which vulnerabilities are the riskiest and helps with prioritization, so they can mitigate risks quickly and efficiently to safeguard their businesses.”
The free access to the Qualys Enterprise TruRisk Platform allows organisations to remediate issues in as little as 30 minutes and within seven days for full alignment. Incorporating Vulnerability Management Detection and Response (VMDR), CyberSecurity Asset Management, and Patch Management, the Qualys offering helps organizations to:
- Identify External Assets: Accurately discover internal and external assets within your environment and flag End of Life (EOL) and End of Support (EOS) software and devices.
- Conduct Efficient Risk-based Prioritisation: Vulnerabilities are prioritized by their TruRisk score and automatically mapped to necessary updates to simplify IT workflows for a customized NCSC risk and remediation view.
- Automate Patching: Qualys Patch Management closes the gap between security and IT teams. It brings these groups together to safely prioritize and deploy patches automatically, helping customers update by default within seven days.
