Qualys Security Conference Mumbai, India

Global IT Asset Management

Siva MandalamVP, Product Management, Qualys, Inc.

Why Asset Management?

May 8, 2019Qualys Security Conference 20192

Multiple Regulations and Standards

PCI-DSS2.4 Maintain an inventory of system components that are in scope for PCI DSS

RBI CybersecurityInventory Management of Business IT Assets, Prevent execution of unauthorized S/W

ISO 27001 Inventory of assets (clause A.8.1.1)

GDPRFull hardware and software inventory, including license information for audit data

Challenges with IT Asset Management

May 8, 2019Qualys Security Conference 20193

VISIBILITYPOINT

SOLUTIONSNO BUSINESS

CONTEXT

ACROSS CAMPUS /DC/BRANCH/

CLOUD

NO ACTIONABLE

INSIGHTSINACCURATE

INFORMATION

Qualys Unified IT-IoT-OT Visibility, Analytics and Control Solutions

May 8, 2019Qualys Security Conference 20194

Agentless| Agent | Passive | API

Analytics

Vulnerability Detection

Policy Detection

Threat Quantification

ControlRemove Unauthorized

Devices

Policy based Automation

Orchestration

Visibility

Managed and Unmanaged Devices

Hardware, Software, Applications and Traffic

Qualys Asset Inventory

Real-time Inventory

Source of truth for IT and Security teams

Introducing

Structured and complete context

Benefits

2-second Visibility

Business contextual Inventory

Uniform, accurate information

IT Cost reduction

How is it done?

Physical ScannerVirtual ScannerCloud Scanner

Cloud AgentPassive SensorAPI

Qualys SensorsScalable, Self-updating & Centrally Managed

OS/HW/SWMfg./owner/productMarket version

EoL/EoSLicense typeVulnerability/PC

Asset Inventory in Qualys CloudCategorization, Normalization, Enrichment

Case Study: Large Bank helps Stay Compliant with Qualys AI

May 8, 2019Qualys Security Conference 20198

“We have regulatory compliance needs that require us to monitor unauthorized software, current versions of DB software, EoL/EoSsoftware to ensure that we are in compliance “

Chief Information Officer

SolutionAI Dashboards | Software Inventory | Lifecycle Context

UnauthorizedSoftware

Challenges

Database Versions

Software Market Version

Software Lifecycle (EoL/EoS)

Database Server

Unauthorized Software

Case Study: Large Accounting Firm uses Qualys AI for Unified Inventory

May 8, 2019Qualys Security Conference 20199

SolutionAI Dashboards | Asset Category Priority | CMDB Synch.

“Single unified inventory management for global assets across 4000 employees and distributed offices are required for us to drive optimizations in internal processes, including vulnerability prioritization, patching/remediation, service desk etc.“

Security Manager

Unified Inventory

Challenges

Prioritize security needs

Service Desk Optimization

Case Study: Global Technology Leader uses Qualys AI to Determine Unmanaged Devices

May 8, 2019Qualys Security Conference 201910

SolutionAI Dashboards | Unmgd. Devices View | Traffic Stats

Unified Inventory

Challenges

Unmanaged Devices Visibility

Unmanaged Devices Control

"We’ve not been able to understand our devices in its entirety. Qualys AI solution with complete context for devices are excellent way to understand devices, security threats and prioritize actions "

Security Manager

Complete and clean data to your CMDB

Certified ServiceNow App Syncs asset data in both directions.

DEMO

Qualys sensors for complete, detailed asset telemetryStructuring your inventory (normalization and taxonomy)

Enriching your inventory (e.g. lifecycle) Blind spots? (showcase passive discovery)

First Phase (Q2/Q3-2019)IT asset discovery and profilingApplication recognition and usage

Next (Q4/Q1-2019/20)Asset discovery and profiling

• SCADA• Medical Devices

Multi-function Passive Sensor

Future use casesHighlight asset relationshipTraffic anomaly & Network IOCSmart whitelisting (policies within Secure Access Control)

…

(Beta Now!)

Secure Access Control

Use CasesAsset Inventory – Access control using asset inventory attributes

Managed Assets

System InformationHardware

Operating SystemServices

Network InterfacesOpen Ports

Software InventorySoftware Lifecycle

Secure Zones/subnets

Attributes

Unmanaged Assets

ACL

Block

Allow

Assign VLAN

Assign ACL

Quarantine

Use Cases

8 May 2019Qualys Security Conference, 201816

Vulnerabilities – Quarantine assets if vulnerable

http://windowsupdate.microsoft.comhttp://*.windowsupdate.microsoft.comhttps://*.windowsupdate.microsoft.comhttp://*.update.microsoft.comhttps://*.update.microsoft.comhttp://*.windowsupdate.comhttp://download.windowsupdate.comhttp://download.microsoft.comhttp://*.download.windowsupdate.comhttp://test.stats.update.microsoft.comhttp://ntservicepack.microsoft.com

Local Data Center LDC-01 Remote Data Center RDC-01

DHCPServer

DNSServer

Employee Laptop

Vulnerability Found

Enterprise

Remote Office

Windows Update Servers

Active Directory

Quarantine

Use Cases

8 May 2019Qualys Security Conference, 201817

Compliance - Block assets which fail compliance

Managed Assets ACL

Block

Allow

Assign VLAN

Assign ACL

Quarantine

ComplianceControls Mandates

Control Policies

MalwareFamily

CategoryScore

Indications of Compromise

File ProcessMutex

NetworkRegistryIncidents

Threat Protection

Zero DayPublic ExploitActively Attacked

High Lateral Movement

High Data LossDoS

No PatchExploit Kit

Easy Exploit

File Integrity ActionActor

TargetIncidents

Qualys Security Conference Mumbai, India

Thank You

Siva Mandalamsmandalam@qualys.com