Qualys, Inc. announced the launch of CyberSecurity Asset Management 3.0, an expansion of the Enterprise TruRisk Platform. This update integrates its leading vulnerability assessment capability into its External Attack Surface Management (EASM) solution delivering an accurate, real-time view of the external attack surface that eliminates more false positives to mitigate the risk of unknown assets. Traditionally, cybersecurity teams rely on disparate sources like standalone external scanning tools, IT-centric databases such as configuration management databases (CMDBs), and API-based integrations to piece together asset inventories.

EASM tools have relied on banner- grabbing methods that produce stale, incomplete asset data shots. As a result of this piecemeal approach to asset discovery, the average enterprise is blind to 38% of its assets at any given time. Qualys CyberSecurity Asset Management 3.0 extends its leading asset discovery for all types of environments?including an EASM engine for real-time and accurate assessment of external attack surface risks, built-in passive sensing for IoT and rogue devices using the already-deployed Qualys agent, and third-party API-based connectors to complement Qualys sensors.

This unified approach not only consolidates asset discovery to a single, unified solution but also introduces a first-of-its-kind EASM lightweight vulnerability scanner to pinpoint critical vulnerabilities immediately upon discovery. This release enhances Qualys' attack surface coverage, allowing organizations to: Gain precise insight into which external assets are attributed to the organization ? Discover all assets from subsidiaries, mergers, and acquisitions with patent-pending attribution and confidence scoring.

Reduce false positives to isolate risk on the external attack surface ? Quickly and accurately identify the most critical risk with vulnerability detections, reducing 60%* of false positives that result from basic banner-grabbing tools. Eliminate unknowns from the internal network in real time ?

Uncover 34% more assets in real time with passive sensing, built into the Qualys agent to identify unmanaged IoT/OT devices. The third-party connectors complement the Qualys sensors delivering a unified inventory, and scan previously unknown assets for vulnerabilities and compliance issues. Qualys CyberSecurity Asset Management is immediately available.