Qualys Cloud Platform Our Journey into the Cloud: The Qualys Cloud Platform & Architecture Thomas Wendt Regional Manager Post-Sales, DACH, Qualys Inc.
Digital Transformation More than just adopting new technology Powered by IT innovation Security can t be after thought 11 March 2018 2
Digital Transformation DevOps Innovation Cloud Migration Container Revolution Scale & Elasticity 11 March 2018 3
Digital Transformation Cloud Infrastructure More of IaaS & PaaS But still running your code 11 March 2018 4
Digital Transformation What about Security? DevSecOps! Built-in not bolted-on More Dev than Sec or Ops 11 March 2018 5
Our Journey into the Cloud Hindered by the Silos Datacenter Infrastructure Security Corporate User Endpoint Security Cloud Security Web application security (AppSec) CI/CD security automation (DevOps/DevSecOps) IT Asset Configuration Compliance & Audit 11 March 2018 6
Plethora of Point Solutions Both Legacy and Next-Gen SIEM Console Console Console (FIM) Console (VM) Console (EDR) Console (PATCHING) Console Agent Agent Agent Agent Agent Agent Agent 11 March 2018 7
Single Pane of Glass 11 March 2018 8
Single Pane of Glass 11 March 2018 9
Instant Automated Response 11 March 2018 10
Qualys Cloud Platform Unified approach to detection, prevention & response across on-prem, cloud and endpoints On Premise Endpoints Cloud VMware 11 March 2018 11
End-to-end Security Architecture Automated Continuous Monitoring & Response Discovery Prevention Detection Response On-Prem Cloud Mobile Devices OT/ICS IoT CMDB Inventory Security Hygiene Vulnerability Assessment Threat Prioritization Patch Management Configuration Assessment Endpoint Activity Cloud Infra Monitoring Network Activity Security Orchestration Incident Response Quarantine NAC 11 March 2018 12
Qualys Sensors Scalable, self-updating & centrally managed Physical Virtual Cloud/Container Cloud Agents Passive API Legacy data centers Private cloud infrastructure Commercial IaaS & PaaS clouds Light weight, multi-platform Passively sniff on network Integration with Threat Intel feeds Corporate infrastructure Virtualized Infrastructure Pre-certified in market place On premise, elastic cloud & endpoints Real-time device discovery & identification CMDB Integration Continuous security and compliance scanning Continuous security and compliance scanning Fully automated with API orchestration Real-time data collection Identification of APT network traffic Log connectors Continuous security and compliance scanning Continuous evaluation on platform for security and compliance Extract malware files from network for analysis Agentless + Agent Based + Passive 11 March 2018 13
The Backend Scalable, Micro-services, DevOps Scanner Service VM PC WAS WAF FIM Qualys Streaming Data Backone Cloud Agent Service Reporting Analytics IOC Indexing Service Asset Tagging Service 11 March 2018 14
ASSET MANAGEMENT Integrated Cloud Apps Asset Inventory Maintain full, instant visibility of all your global IT assets CMDB Sync Synchronize asset information from Qualys into ServiceNow CMDB Cloud Inventory (Beta) Inventory of all your cloud assets across AWS, Azure, GCP and others Certificate Inventory (Beta in Sep) Inventory of TLS/SSL digital certificates on a global scale IT SECURITY Vulnerability Management Threat Protection Continuous Monitoring Continuously detect and protect against attacks, Pinpoint your most critical threats and Alerts you in real time about network anytime, anywhere prioritize patching irregularities Indication of Compromise (Beta) Continuously monitor endpoints to detect suspicious activity Container Security (Beta) Discover, track, and continuously protect containers Certificate Assessment (Beta in Sep) Assess all your digital certificates for TLS/SSL vulnerabilities COMPLIANCE MONITORING Policy Compliance Assess security configurations of IT systems throughout your network PCI Compliance Automate, simplify and attain PCI compliance quickly File Integrity Monitoring (Beta) Log and track file changes across global IT systems Security Configuration Assessment Automate configuration assessment of global IT assets Cloud Security Assessment (Beta) Security Assessment Questionnaire Get full visibility and control across all public cloud instances Minimize the risk of doing business with vendors and other third parties WEB APPLICATION SECURITY Web Application Scanning Secure web applications with end-to-end protection Web Application Firewall Block attacks and virtually patch web application vulnerabilities 11 March 2018 15
Qualys Cloud Platform Unified approach to prevention and response Integrated Suite of Applications Analytics and Reporting Engines Distributed Sensors Hardware Virtual Cloud Agent Passive API 11 March 2018 16
Single Pane of Glass Via dynamic and customizable dashboards and centrally managed, self-updating, integrated Cloud Apps in a single-pane-of-glass UIs (AssetView, CloudView, CertView ) 1+ trillion Security Events 250+ billion Data Points Indexed on Elasticsearch Clusters 3+ billion IP Scans/Audits a Year 99.9996% Six Sigma Scanning Accuracy 11 March 2018 17
Qualys Cloud Platform Operations Raleigh, NC Signature Updates Software Updates France, EU 6 Public Clouds online in US, EU and IN Public Clouds Redwood Shores, CA Operation, Administration and Maintenance Global Infrastructure 3+ Billion Scans Annually * Pune, India Private Clouds as a Platform Appliance or a Virtual Data Center (50 plus) Private Clouds 11 March 2018 18
Unique advantages of the Qualys Cloud Platform No hardware to buy or manage Lower operating costs Easy to deploy and maintain Unprecedented scaling Nothing to install or manage, and all services are accessible in the cloud via web interface. Qualys operates and maintains everything. With everything in the cloud, there are no capital expenditures, no extra human resources needed, and no infrastructure or software to buy and maintain. Easily perform assessments on geographically distributed and segmented networks at the perimeter, behind the firewall, on dynamic cloud environments and endpoints. Qualys Cloud Platform is a scalable, end-toend solution for all aspects of IT security. Once deployed, seamlessly add new coverage, users and services as you need them. Always Up-to-date Qualys has the largest knowledge base of vulnerability signatures in the industry and performs over 3 billion IP scans per year. All security updates are made in real time. Data stored securely Vulnerability data is securely stored and processed in an n-tiered architecture of load-balanced servers. Our encrypted databases are physically and logically secure. Available as a Public or on-premises Private Cloud Full server rack For governments, enterprises, and MSSPs Virtual rack For governments, enterprises, and MSSPs Standalone appliance For small businesses 11 March 2018 19
Qualys Cloud Platform A new unified approach to prevention and response 2-second visibility across all of your global IT assets (on premise, endpoints and cloud assets) Continuous assessment of your global security & compliance posture Identify compromise-able and compromised assets Consolidate all your security and compliance stacks Secure your digital transformation Drastically reduce your spend 11 March 2018 20
Thank You Thomas Wendt twendt@qualys.com