A major upgrade to Qualys TotalCloud should ensure that all cloud vulnerabilities are easily visible together. The company claims the distinction of being the first cloud native application protection platform (CNAPP) to also cover SaaS apps.
A well-known problem for cloud security is that it is difficult to get full visibility. Different cloud environments can perhaps be captured through other security and observability tools, but this invites the risk of blind spots. TotalCloud, Qualys’ CNAPP solution should prevent that.
SaaS security
With version 2.0, the company has introduced the first TotalCloud release that also secures SaaS apps. In doing so, it says it is countering the fragmentation of cloud security, something that is only becoming more common because of the widespread use of multiple clouds.
“Efficiently managing risk and responding quickly to threats or attacks on cloud workloads is challenging for organizations,” said Melinda Marks, practice director, Cybersecurity at Enterprise Strategy Group. “Qualys TotalCloud 2.0 provides a unified platform to identify and consolidate all cloud data across diverse multi-cloud environments, providing broader visibility and context for efficient remediation of security issues. This approach fosters improved collaboration among security, IT, and development teams, to efficiently mitigate risk and protect business critical applications.”
One of the most important aspects of TotalCloud is that silos between different teams within the organization should disappear. Integrations between TotalCloud and ITSM tools such as ServiceNow and JIRA should ensure that each IT and security staff can leverage each other’s findings.
From different sources
TotalCloud still works the same with version 2.0: it provides a single view of cloud risks based on different Qualys sources, so SaaS is now also supported. The company claims that, thanks to TotalCloud, companies already have 85 percent fewer vulnerabilities to prioritize.
The supply chain, also a common pain point when it comes to security, is also monitored extensively by Qualys. Supply Chain Risk Management includes Qualys open-source software scanning at lightning speed before execution.
Also read: Qualys QSC: IDC explains top security risks for 2024
17 hours ago
