Leading technology partners and organizations have integrated their products with QualysGuard to deliver a wide variety of high-value, differentiated security solutions. Straightforward APIs and XML data exchange make it easy to create seamless security solutions, while our Web service architecture minimizes solution maintenance and upgrade requirements. Non-technology organizations and associations find that QualysGuard provides an ideal mechanism for supporting their member's critical security needs.
Benefits for Integration Partners
|
Best of Breed Partner: With the most accurate, comprehensive and easily deployed scanning available, Qualys provides the best vulnerability management solution to support your brand, your customers and your stakeholders. |
|
|
Market Exposure: With thousands of security-conscious customers in all major vertical markets, Qualys brings market knowledge, experience and exposure to our partnerships. |
|
|
Strong Complementary Solutions: Accurate vulnerability assessment and network scan data from QualysGuard can dramatically improve the usefulness and accuracy of many complementary security products, such as network management tools and agents, intrusion detection and prevention systems, firewalls and patch management solutions. |
QualysGuard is integrated with leading security solutions and technologies in these spaces:
SIEM (Security Information & Event Management)
QualysGuard integration with SIEM solutions enhances correlation and prioritization of security incidents/events by automating the import and aggregation of endpoint vulnerability assessment data. The integration enables the joint solution to automatically launch on-demand scans based on environment changes or policy compliance rules, prioritize events and provide detailed vulnerability information through one central interface.
Archer Technologies
Archer Technologies is a leading provider of automated enterprise risk and compliance management solutions. Archer leverages the QualysGuard API to import detailed scan reports into the Archer Threat Management solution. This allows clients to link QualysGuard scans with other business-critical data such as vulnerability information from threat feeds (VeriSign® iDefense®, Symantec™ and Cisco®), asset information from the Archer Asset Management solution, and policies and authoritative sources from the Archer Policy Management solution. By linking this information within Archer, clients can reduce enterprise risks, manage and demonstrate compliance, automate business processes, and gain visibility into corporate risk and security controls.
ArcSight ESM
ArcSight Enterprise Security Manager (ArcSight ESM) provides a real-time threat management solution. ArcSight's ESM collects QualysGuard vulnerability assessment data via a SmartConnector to enable customers to precisely pinpoint the risk level of certain vulnerabilities in their IT environments. By correlating this information for real-time monitoring it reduces false positives and provides real-time analysis, visualization, reporting, forensic analysis and incident investigation.
CS-MARS
The Cisco® Security Monitoring, Analysis, and Response System (Cisco Security MARS) provides insight and control of the existing security deployment. Part of Cisco's security management lifecycle, Cisco Security MARS empowers security and network organizations to identify, manage, and counter security threats. QualysGuard integration with Cisco MARS allows vulnerability scan data to be automatically imported into CISCO MARS for enhanced correlation and prioritization of security events.
nFX
NetForensics Security Information Management (SIM) provides decision support for compliance, risk management and business continuity. QualysGuard and netForensics integration provides a centralized solution for correlation, log aggregation, threat analysis, incident response and forensic investigation with the additional value of providing valuable context for the threatened host. QualysGuard vulnerability details are displayed on demand for any hosts under attack or being investigated by netForensics. This allows users to quickly match attacks and misuse to a host's vulnerabilities as part of the investigation and mitigation process.
enVision
Network Intelligence's enVision provides both real-time and historical security and compliance analysis as well as reporting and alerting solutions. QualysGuard integration with enVision provides real-time update of asset vulnerability data. A critical part of Network Intelligence solution is an asset management component that is aware of the vulnerability and importance of each asset on the network. Network Intelligence can correlate that data with assets on the organization's network and fire alerts based on the type of attack and the attacked asset. With the addition of vulnerability data, Network Intelligence can determine the severity level of the attack.
Sentinel
Novell's Sentinel (recently acquired by Novell from e-Security) delivers visibility into an enterprise's network automating the monitoring of an enterprise's IT controls for effectiveness to detect and resolve threats in real time—before they affect the enterprise's business. By collecting the results of QualysGuard's vulnerability scans and correlating it with the user's intrusion detection sentinel (IDS) data, Sentinel's Exploit Detection functionality can instantly tell the Sentinel user if their infrastructure is at high risk from incoming exploits/malware.
StillSecure VAM
The StillSecure Enterprise Integration Framework includes a set of APIs that extend VAM capabilities, allowing users to import and export data into and out of VAM. This provides an interface framework for integrating VAM with existing IT systems. Using the Qualys connector, organizations can easily import devices scanned by Qualys into VAM for management. Through the integration, joint StillSecure and Qualys customers can better manage their organization's risk by proactively identifying, tracking, and managing the repair of critical network vulnerabilities. Organizations importing QualysGuard data into VAM adopt an auditable workflow process that focuses remediation efforts on the highest priority devices before they are exploited.
QRadar
QRadar goes beyond traditional security information/event management (SIEM) to create a command-and-control center. QRadar combines, analyzes and manages an unequalled set of surveillance data—network behavior, security events, vulnerability profiles and threat information—to empower enterprises to manage business operations on their networks efficiently from a single console. QualysGuard integration with QRadar provides vulnerability information that is used in powerful analysis of network assets and network activity, resulting in a more intelligent assessment of your network and potential threats to it.
SSMS
Symantec™ Security Management System (SSMS) provides a scalable, high-performance solution for centralized logging, alerting and reporting. The vulnerabilities identified by QualysGuard scans can be viewed within Symantec Enterprise Security Architecture (SESA) and correlated to other security alerts in Symantec Incident Manager. SESA is the security platform that powers the Symantec Security Management System. Symantec Incident Manager correlates security events in real time across disparate security technologies and network tiers to identify, prioritize and coordinate the resolution of security incidents.
Patch Management
QualysGuard integration with Patching solutions increases the confidence level of detected vulnerabilities and even automates their remediation by implementing patches on confirmed vulnerabilities. As a result, the joint solution reduces threat exposure window as well as manual processes and duplicated efforts. It also provides a closed loop process where vulnerability scans are triggered after remediation to verify that vulnerabilities were effectively fixed.
Hercules
Citadel Hercules Remediation Manager (acquired by McAfee) manages and automates the remediation process for detected vulnerabilities. Qualys' integration with Citadel Security Software Inc. enables customers to automatically import vulnerability scan results; trigger remediation process and verify the remediation of vulnerabilities on their corporate networks. The combined solution will initiate an automatic vulnerability audit after each Hercules remediation cycle to validate the elimination of vulnerabilities on a company's network.
Help Desk Ticketing Systems
QualysGuard's Trouble Ticketing system can automatically create trouble tickets for remediation using a robust rules engine. Through the QualysGuard Ticket Notification Engine (TNE) and associated ticketing APIs, QualysGuard can provide a seamless transfer of discovered vulnerabilities with many third-party ticketing. This integration enables enterprises to review vulnerability tickets generated by QualysGuard in their own ticketing systems without impacting operational processes.
QualysGuard Ticket Notification Engine
Qualys has built a highly customizable ticket notification engine (TNE) as part of a Linux-based VMware image, which sends SMTP messages to in-house ticketing systems or third-party applications such as CA Service Center, BMC Magic Service Desk, HP Service Desk, Bugzilla, and others that can support SMTP as a way to open new trouble tickets. Using QualysGuard's own APIs, the TNE can be configured to present all tickets or only a select few to designated individuals based on specific criteria defined by the user.
Risk Management
QualysGuard Integration with Risk Management provides the automation of the entire risk management process which includes network discovery and vulnerability assessment in one comprehensive view for risk analysis and remediation prioritization. It consolidates vulnerability, configuration, and threat data. The joint solution gives enterprises the ability to model their network topology, determine what vulnerabilities are present on their network and understand which vulnerable systems can actually be accessed. All of this information is used to ultimately measure risk for asset groups and prioritize remediation.
RedSeal
RedSeal's solutions enable companies to quantify overall security, assess critical areas of risk and validate that their security infrastructure successfully stops attacks. Integration of Redseal SRM with QualysGuard gives enterprises the ability to model their network topology, determine what vulnerabilities are present on their network and understand which vulnerable systems can actually be accessed based upon the network traffic filtering policies. All of this information is used to ultimately measure risk for asset groups and prioritize remediation.
SkyBox View
Skybox View® is an integrated family of Security Risk Management applications. QualysGuard integration with Skybox Security Risk Management (SRM) provides real-time updates of asset vulnerability data. As new hosts and vulnerabilities are discovered by QualysGuard, this information becomes immediately available in Skybox View's network model, and automatically evaluated in the attack simulation and risk calculation engine.
Network Access Control
QualysGuard integration with Network Admission/ Access Control solutions, a.k.a. NAC, provides organizations the capability to enforce security policies in order to grant access to the internal network without requiring a residing agent running in the endpoint. Endpoint agents require maintenance and support for multiple platforms, which in practical terms is not achieved. QualysGuard NAC integrations allow customers to audit hosts for vulnerabilities or specific configuration rules and proactively apply security policies to any device (workstations, printers, APs, etc) requesting access to the internal network, including guest and contract workers. By doing so, it prevents that unauthorized, vulnerable or infected devices enter the network and attack enterprise systems, other endpoints or simple spread malware.
MetaInfo SAFE DHCP
MetaInfo combines core IP network services with the security of Network Access Control. QualysGuard's NAM integration with the MetaInfo SAFE DHCP® Quarantine Appliance provides automated auditing of hosts as they request network access. The SAFE DHCP Quarantine Appliance checks the host's MAC address against its database, and, if the MAC address is unknown or expired, signals the QualysGuard appliance to scan the host for vulnerabilities. If the host's vulnerabilities exceed the customer-defined threshold, the host remains isolated from the network.
IDS/IPS
QualysGuard integration with IDS/IPS solutions provides customers with an automated way to adjust severity level of incident alerts based on host context information provided by QualysGuard. The joint solution delivers to customers a more accurate assessment of the detected incident facilitating remediation prioritization and ultimately reducing the amount of incident response resources consumed by non-critical or non-relevant incidents.
LANsurveyor
Neon LANsurveyor with Continuous Scan IDS is a software-based intrusion detection and prevention solution that works across network segments. LANsurveyor automatically generates a baseline network diagram; continuously updates the diagram, testing newly attached nodes to determine whether or not they belong on the network. QualysGuard integration with LANsurvivor provides continuous assessment by maintaining a scheduled network scans using QualysGuard and automated logs discovery of unsafe nodes and optional alerts. LANsurveyor can also optionally disconnect the new node from the network if the vulnerability assessment fails.
CounterAct
ForeScout CounterAct is a clientless network access control (NAC) and policy enforcement with built-in signature-less intrusion prevention and vulnerability assessment. QualysGuard integration with CounterAct enables vulnerability data from QualysGuard to be imported into CounterAct so customers have access to detailed host vulnerabilitiy data to be used for policy enforcement and/or correlated with information from other sources.
Network Patching
QualysGuard integration with Network Patching solutions benefits both IT operations teams and security teams by effectively protecting systems while automatically managing the number of reported vulnerabilities that need to be addressed. They will certainly value a more focused Vulnerability Management which means less reactive efforts and a disruption-free risk mitigation process.
PatchPoint
The Blue Lane PatchPoint System is a patch protection gateway. Blue Lane's patch protection gateway provides inline vulnerability remediation for server operating systems, databases and enterprise applications, offering instant application protection with zero footprint, zero downtime, and zero tuning. Also without requiring any software deployment, QualysGuard provides a comprehensive on demand vulnerability management solution that enables security professionals to stay ahead of security threat exposures. PatchPoint integration with QualysGuard provides a unified solution that automatically ignores vulnerabilities detected by QualysGuard that have been protected by a network-patch implemented by PatchPoint. As a result, customers can focus on existing unprotected vulnerabilities that offer a real threat to the customers systems.
Network Behavior Analysis
QualysGuard integration with Network Behavioral Analysis (NBA) solutions enhances the effectiveness of behavior-based threat detection solutions by providing host security posture which can lead to better discernment about the detected network anomaly. The joint solution enables customers to stop harmful attacks to the network in its early stages and minimizes false positives, which leads to lower incident response and maintenance costs. Additionally, by targeting scans based on new detected device or behavior changes, customers are able to maintain an accurate vulnerability database without continuous wide-scale scanning; and scan hosts involved in suspicious or unusual activity in real-time.
Mazu Profiler™
Mazu Profiler™ uses flow data from network traffic passing through routers and switches inside the network to monitor real-time network traffic. It can respond to risks, threats and outages. When Profiler is integrated with QualysGuard the combined solution provides better incident context and streamlines response processes.
Security Policy Management
QualysGuard integration with Security Policy Management solutions allows customers to conduct policy-driven, on-demand vulnerability scans of suspicious network events. QualysGuard scans are triggered in response to specific network or configuration change events, scan data is aggregated to asset records, and evaluated for compliance and risk analysis in reference to the established policy.
Archer Technologies
Archer Technologies is a leading provider of automated enterprise risk and compliance management solutions. Archer leverages the QualysGuard API to import detailed scan reports into the Archer Threat Management solution. This allows clients to link QualysGuard scans with other business-critical data such as vulnerability information from threat feeds (VeriSign® iDefense®, Symantec™ and Cisco®), asset information from the Archer Asset Management solution, and policies and authoritative sources from the Archer Policy Management solution. By linking this information within Archer, clients can reduce enterprise risks, manage and demonstrate compliance, automate business processes, and gain visibility into corporate risk and security controls.
McAfee Preventsys Risk Analyzer
McAfee® Preventsys® Risk Analyzer consolidates vulnerability, configuration, and threat data in one comprehensive view. QualysGuard integration with Preventsys® Risk Analyzer provides the ability to automatically analyze QualysGuard scan results in the context of a company's business rules and policies. Once the analysis is completed, it is presented as a prioritized list of remediation actions, tied together in a remediation workflow.
Penetration Testing
QualysGuard integration with Penetration Testing solutions increases the effectiveness of network security assessments by eliminating the manual step of running a scan before performing penetration testing using multiple interfaces. Customers are provided with an automated way to both scan networks against a comprehensive vulnerability database with QualysGuard and then to safely exploit those same vulnerabilities with a penetration test. The integration reduces the amount of time customers spend collecting data from vulnerability scans and performing penetration testing, while lowering costs and making the remediation process more effective.
CoreImpact
CORE IMPACT is the first automated, comprehensive penetration testing product for assessing specific information security threats to an organization. QualysGuard's integration with CoreImpact automatically imports vulnerability assessment results into the CORE IMPACT management console. The integration reduces the amount of time security consulting organizations and corporations spend collecting data from vulnerability scans and performing penetration testing, while lowering costs and making the remediation process more effective.
