Qualys Unveils TotalCloud 2.0
February 07, 2024

Qualys unveiled TotalCloud 2.0, a significant upgrade to Qualys' AI-powered cloud native application protection platform (CNAPP) that delivers a single prioritized view of cloud risk and is the first to extend its protection to SaaS applications.

TotalCloud 2.0 with TruRisk Insights provides a single, prioritized view of cloud risk. The solution correlates unique indicators from diverse Qualys sources, such as Cloud Workload Protection (CWP), Cloud Security Posture Management (CSPM), and Cloud Detection and Response (CDR). It combines these with SaaS and infrastructure posture to allow organizations to fix the most harmful threats quickly.

"Ensuring the security of our customers is paramount to us, so we turned to our trusted partner Qualys to help us secure our cloud solutions," said Rodrigo Herrera Villalón, head of application security, Banco BCI. "Qualys TotalCloud enables us to holistically secure our cloud environment by providing insights into our risk exposure. It brings together and analyzes vulnerability and posture assessment and threat mitigation data, so we can quickly identify and mitigate the most critical issues."

Qualys TotalCloud 2.0's enhancements streamline operations by providing:

- TruRisk Insights: Singular, Prioritized View of Cloud Risk – TruRisk Insights streamlines the identification of the highest-risk assets. In analyzing anonymized customer data1, Qualys found 120,000+ internet-accessible cloud workloads, with less than 10% having confirmed vulnerabilities. Qualys TruRisk Insights correlated risk indicators and identified less than 0.3% of workloads with a confluence of suspicious activities, malware, and misconfigurations. This streamlined focus allowed organizations to prioritize critical issues by eliminating 99% of workloads that didn't require immediate attention. Additionally, TotalCloud 2.0 integrates data from your External Attack Surface Management (EASM) solutions, giving you visibility into how external threats may perceive and target your cloud assets.

- Comprehensive Protection for SaaS Applications – Today's threats extend beyond public cloud into organizations' critical SaaS applications. Without adequate protection, these applications can serve as entry points for lateral movement into the cloud environment. The recent SEC regulation mandates that all public companies are now obligated to disclose cyber incidents and meet cybersecurity readiness requirements for data stored in SaaS systems. TotalCloud is the first CNAPP solution to incorporate SaaS security posture management (SSPM) ensuring that configurations and permissions in apps like Microsoft 365, Zoom, Slack, Google Workspace, etc. are seamlessly integrated into your overall security posture for enhanced decision making.

- Supply Chain Risk Mitigation – TotalCloud effortlessly scans all open-source software pre-and-post deployment across various compute workloads, including containers, utilizing both agent and agentless techniques. This comprehensive approach significantly diminishes supply chain risk by identifying vulnerabilities across multi-cloud environments.

- Operationalized Risk Reduction – Streamlines operations and removes silos between IT and security with ITSM integrations. Automatically assign tickets and enable orchestration of remediation with your ITSM tools such as ServiceNow and JIRA to significantly reduce risk and speed mean time to remediation.

"Managing security across multiple cloud and SaaS applications can lead to scattered risk scores that are challenging for organizations to prioritize, let alone remediate," said Sumedh Thakar, president and CEO of Qualys. "TotalCloud 2.0 silences the noise from disparate security tools, offering a clear, prioritized view of risk across multi-cloud, SaaS applications, and assets. This ensures swift resolution of critical issues, dramatically reducing the organization's risk."

TotalCloud with TruRisk Insights is immediately available.

Share this

Industry News

February 22, 2024

Check Point® Software Technologies Ltd. introduces Check Point Quantum Force series: an innovative lineup of ten high-performance firewalls designed to meet and exceed the stringent security demands of enterprise data centers, network perimeters, campuses, and businesses of all dimensions.

February 22, 2024

Tabnine announced that Tabnine Chat — the enterprise-grade, code-centric chat application that allows developers to interact with Tabnine AI models using natural language — is now available to all users.

February 22, 2024

Avaamo released Avaamo LLaMB™, a new low-code framework for building generative AI applications in the enterprise safely, securely, and fast.

February 21, 2024

CAST announced the winter release of CAST Imaging, an imaging system for software applications, with significant user experience (UX) enhancements and new features designed to simplify and accelerate processes for engineers who develop, maintain, modernize, complex software applications.

February 21, 2024

Pulumi now offers native ways to manage Pinecone indexes, including its latest serverless indexes.

February 21, 2024

Orkes, whose platform offers the fastest way to scale distributed systems, has raised $20 million in new funding.

February 20, 2024

JFrog and Carahsoft Technology announced a partnership that empowers U.S. Government organizations to safeguard their software supply chains with automated DevSecOps workflows to secure software services consumed by citizens.

February 20, 2024

Multiplayer, a collaborative tool for teams that work on system design and distributed software, announced its public beta.

February 20, 2024

DataStax announced its out-of-the-box retrieval augmented generation (RAG) solution, RAGStack, is now generally available powered by LlamaIndex as an open source framework, in addition to LangChain.

February 20, 2024

UiPath announced new features in its platform designed to enable developers to build, test, and accelerate implementation of automations.

February 15, 2024

Kong announced a suite of open-source AI plugins for Kong Gateway 3.6 that can turn any Kong Gateway deployment into an AI Gateway, offering unprecedented support for multi-Language Learning Models (LLMs) integration.

February 15, 2024

ngrok unveiled early access to its API gateway-as-a-service.

February 15, 2024

Tabnine announced a strategic partnership with DigitalOcean.

February 15, 2024

Salt Security announced that the Salt Security API Protection Platform is now available for purchase in the CrowdStrike Marketplace, a one-stop destination for the world-class ecosystem of CrowdStrike compatible security products.

February 14, 2024

Perforce Software signed a definitive agreement to acquire Delphix.