Vulnerability Management, Detection and Response (VMDR) enables you to discover, assess, prioritize, and identify patches for critical vulnerabilities and misconfigurations in real time and across your global hybrid-IT landscape all in one solution.
It combines free unlimited asset inventory, vulnerability and configuration assessment, threat risk and powerful vulnerability prioritization technology, integrated with patch management workflows helping organizations reduce Mean-Time-to-Remediate (MTTR) for vulnerabilities.
Qualys VMDR provides a single solution for internal, external and PCI scanning needs, and directly integrates with ITSM solutions such as ServiceNow to automate vulnerability management.
VMDR starts with asset discovery and inventory to make sure you have an accurate account of all devices in your environment. It performs continuous vulnerability assessments with cloud agents and a variety of sensors and leverages artificial intelligence to instantly assess and prioritize threats based on relevant context.
If you are a VM customer you can be upgraded to experience VMDR features and you can then choose to purchase VMDR to get additional features.
- Asset inventory across environments like: Certificate, Cloud, Container, Mobile Devices
- Unlimited sensors to help you identify those assets: Virtual Passive Sensors, Cloud Agents, Mobile Agents, Container Sensors
- Search any asset in seconds using over 200+ searchable attributes
- Customizable dashboards and widgets with trending information
- Security configuration assessment to start configuration assessment of your assets based on CIS benchmarks
- Threat-based prioritization based on continuously updated Real-time threat indicators
- Real-time alerting by email of critical vulnerabilities and changes to your external perimeter, etc.
- Detection of missing patches in context of the detected vulnerabilities
- Initiate deployment of missing patches from the VMDR Prioritization report directly
Note: Deployment of patches is available only if you have a subscription for Patch Management.
With VMDR, you will be able to accomplish real time asset discovery and vulnerability information, prioritizing or short listing the vulnerabilities according to the threat intelligence and detecting and deploying right remedial patches at the click of a button.
- Start identifying assets by installing Cloud Agents or upgrade existing agents for VMDR. Assign tags to categorize and organize your assets.
Discover Vulnerabilities & Misconfigurations
- Our signature database continuously discovers software vulnerabilities and identifies security misconfigurations
Prioritize Threats with TruRiskTM
- Run the Prioritization report to prioritize most critical threats on your assets based on real-time threat indicators and identify what to remediate first. With TruRisk you can assess the risk scores of your assets and prevent attacks. You can quantify asset risks using parameters like Asset Risk Score and Qualys Detection Score.
Remediate with ITSM & to Deploy Missing Patches
- VMDR for IT Service Management (ITSM) manages tracking of open vulnerabilities and remediation mapping by using the ServiceNow ITSM platform. ServiceNow tasks are automatically assigned to the group to deploy the most relevant patches.
Start building your inventory by installing Cloud Agents. With our lightweight agents you’ll get continuous network security updates through the cloud. As soon as changes are discovered on your hosts they’ll be assessed and you’ll know about new security threats right away.
You can also identify assets using other methods like Scanners, Passive Sensor, Cloud Inventory, Container Inventory, Mobile Device Inventory.
You can check out the tutorial about how to install Cloud Agent:
Learn more about Qualys Cloud Agent
Get a complete view of vulnerability posture from an asset and vulnerability point of view. All the assets identified by cloud agents and sensors are listed in the Vulnerabilities tab.
Show me details
You can use the VMDR Prioritization report to automatically prioritize the riskiest vulnerabilities on your most critical assets – reducing potentially thousands of discovered vulnerabilities, to the few that matter.
The VMDR Prioritization report helps you focus resources in the right area to first patch the highest risk vulnerabilities. It increases the security posture of your organization by identifying and remediating the vulnerabilities that are and likely to get exploited in the wild by threat actors
Know more about VMDR Prioritization Report
Reading the VMDR Prioritization Report
From the Prioritization report you can view the assets or vulnerabilities that can be patched by Qualys. You can initiate the patching process and patch the vulnerabilities directly from the report.
Note: Deployment of patches is available only if you have a subscription for the Patch Management application.
Know more about deploying patches
Dashboards help you visualize your assets, see your threat exposure, leverage saved searches, and fix priority of vulnerabilities quickly.
We have integrated Unified Dashboard (UD) with VMDR. UD brings information from all Qualys applications into a single place for visualization. UD provides a powerful new dashboard framework along with platform service that will be consumed and used by all other products to enhance the existing dashboard capabilities.
You can use the default VMDR dashboard provided by Qualys or easily configure widgets to pull information from other modules/applications and add them to your dashboard. You can also add as many dashboards as you like to customize your vulnerability posture view.
Quickly get custom views
Use guided search capabilities to help you search all your VM assets, anywhere - on-premises, endpoints, and clouds - with 2 second visibility, using powerful search capabilities. Your latest vulnerability and security results are correlated from VM scans, cloud agents and other sensors.
How to Search
VMDR for IT Service Management (ITSM) offers you to track open vulnerabilities and map remediation tickets to the respective resolver group.
For this integration, we use the Qualys Core application that manages connection between ServiceNow and Qualys Vulnerability Management, Detection and Response (VMDR), data import, import schedules, vulnerability detection rules, and service-level agreement (SLA) definition. For more information, see Qualys VMDR for ITSM.
Guide me Walkthroughs
Guid me Walkthroughs provide step-by step assistance to complete tasks in the application.
To enable the in-app guided tours, click the Help menu and then click Guide Me.
Click to launch the guide tours menu.
Click the preferred option to view the step-by-step guidance.
Qualys Training Videos