Qualys introduces TruRisk Eliminate for augmented Patch Management. Qualys didn’t wait until the event and published a blog post. What they presented is an implementation of workarounds.
In the screenshot of TruRisk Eliminate we see a filtered list of vulnerabilities on assets, the criticality of vulnerabilities in the form of QDS, the Remediations and Mitigations columns.
🔹 Remediations – installing a patch or installing a patch with reconfiguration.
🔹 Mitigations – workarounds that neutralize the vulnerability instead of patching: changing the registry key, changing the config, removing the application, blocking the port, isolating the device, etc.
And there is a button to perform an action on the asset (using an agent) with a choice of Remediations/Mitigations option.
It’s a logical step. Since they gave the ability to patch, why not give the ability to apply workarounds. But Qualys will have a lot of difficulties with this. 🫣
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.