IRM has announced new functionality for SYNERGi, their 360° governance, risk and compliance software platform. The newly available Qualys Connector now enables SYNERGi customers to identify, report and remediate vulnerabilities.
The Connector for SYNERGi offers access to valuable, integrated vulnerability data. This access empowers security operations and incident response teams to more efficiently gather information needed to identify where and when organisation may be vulnerable to attack. Additionally, this integration can also be leveraged to collect, analyse and report audit data for accelerated and continued compliance with standards such as PCI, HIPAA, SOX, NIST, and more.
How does it work?
The IT Security module accesses the Qualys VM data through a Connector. SYNERGi streamlines the import of the Qualys vulnerability data into SYNERGi. Within SYNERGi Enterprise, the Qualys App provides a vulnerability dashboard containing a variety of summary charts as well as multiple vulnerability search tools. For example:
The main dashboard includes information on Total Hosts, OS Distribution, Top 10 Hosts and Most Prevalent Vulnerabilities.
Once you start using the IT Security module, you’ll see the biggest benefit is the ability to transform Qualys vulnerability data into user-customisable, dynamic reports and dashboards. This functionality helps you quickly identify and respond to the most critical threats within your enterprise. Also, for the first time, you’ll be able to correlate Qualys and other security data such as Nessus, Penetration Testing results in SYNERGi. This allows you to create a holistic view of your security posture across multiple tool sets.
Why have we integrated Qualys?
The integration of Qualys into SYNERGi’s IT Security Module enables customers to:
1. Quickly identify and report on the vulnerabilities affecting business-critical assets
2. Map security issues to business applications
3. Aggregate and roll-up risk information across their enterprise for proactive mitigation
What does this addition mean for IRM’s customers?
Phillip Mason, IRM’s Software Director said: “Qualys offers our customers access to valuable, integrated vulnerability data that empowers security operations and incident response teams to more efficiently gather information needed to identify where and when organisation may be vulnerable to attack.”
He continues: “Traditional IT GRC solutions are capable of storing and reporting device and vulnerability data from Qualys; however, SYNERGi is taking it further by helping our customer to model their business against a 3 level hierarchy (Business Asset, Component and Device). When we combine this structure with the power of the vulnerability scanning provided by Qualys we can support our customer to quantitatively understand the impact of this data and remediate accordingly.
Additionally, this integration can also be leveraged to collect, analyse and report audit data for accelerated and continued compliance with standards such as PCI, HIPAA, SOX, NIST, and more.”
To find out more about Qualys, visit their website.