In line with new patching window guidance from the UK's National Cyber Security Center (NCSC), Qualys, a provider of disruptive cloud-based IT, security and compliance solutions, is offering 30 days of free access to the Qualys Enterprise TruRisk platform. announced. This move aims to help organizations efficiently discover and categorize both internal and internet-facing assets, prioritizing vulnerabilities and resolving them quickly and securely.
Richard Sorosina, ANZ Chief Technology Security Officer at Qualys, said of the importance of the new service to organizations: “In our experience, very few companies are able to meet the recommended five-day patching window. In fact, our research shows that on average, vulnerabilities are typically weaponized within 30.6 days. On average, only 57.7% of the time. Speed is the key to defeating the enemy.'' “We are committed to doing more to prioritize vulnerabilities for the better.”
The NCSC has issued guidance suggesting that vulnerabilities in internet-facing services and software be patched within five days and non-externally-facing vulnerabilities within seven days. However, many businesses struggle to accurately identify all their assets, especially those connected to the internet, and effectively measure, prioritize, and remediate the associated risks. According to anonymous data from the Qualys Threat Research Unit (TRU), the median remediation time for a typical UK company was 17 days for external vulnerabilities and 15 days for internal threats.
Tom Copeland, Head of Governance, Risk and Compliance at Associated British Foods, explained how Qualys strengthens the company's ability to respond to cyber threats. Identified vulnerabilities are opportunities to strengthen defenses, making ABF more secure overall. ”
Qualys NCSC services are free for 30 days and consist of vulnerability management detection and response (VMDR), cybersecurity asset management, and patch management. The platform facilitates accurate discovery of both internal and external assets, prioritizes vulnerabilities based on TruRisk scores, and automates the NCSC-recommended patching process within 5-7 days.
Commenting on the announcement, Sumedh Thakar, President and CEO of Qualys, said: “Adversaries are weaponizing vulnerabilities faster than ever before, explaining the NCSC's focus on remediating vulnerabilities quickly. We are offering the Qualys Enterprise TruRisk Platform free for 30 days. ” This streamlines asset discovery and eliminates guesswork about which vulnerabilities are the most risky, making it easier to prioritize, allowing organizations to quickly and efficiently identify risks. You can protect your business by reducing ”
