Tag Archives: PatchManagement

Regarding the Qualys Patch Management event that took place yesterday

Leave a reply

Regarding the Qualys Patch Management event that took place yesterday

Regarding the Qualys Patch Management event that took place yesterday.

I liked:

✅ Cool report by Eran Livne about Patch Management capabilities in Qualys. 👍 Especially about creating linked patching tasks (first for a test scope, and a week later for a full scope) and about the ability to isolate hosts as a mitigation option (access remains only from the Qualys cloud). The part about new TruRisk Eliminate was also interesting.
✅ Adam Gray beautifully justified the need for mandatory patching (since prevention doesn’t really work 🤷‍♂️).

I didn’t like:

❌ Most speakers focused on other information security topics rather than patch management. I think it would have been possible to select more thematic reports for this event.
❌ I simply can’t accept theses like “you don’t need to patch all vulnerabilities”. 🤷‍♂️ My position: you need to patch everything. And workarounds are good for a while UNTIL a patch is installed.

На русском

Qualys introduces TruRisk Eliminate for augmented Patch Management

Leave a reply

Qualys introduces TruRisk Eliminate for augmented Patch Management

Qualys introduces TruRisk Eliminate for augmented Patch Management. Qualys didn’t wait until the event and published a blog post. What they presented is an implementation of workarounds.

In the screenshot of TruRisk Eliminate we see a filtered list of vulnerabilities on assets, the criticality of vulnerabilities in the form of QDS, the Remediations and Mitigations columns.

🔹 Remediations – installing a patch or installing a patch with reconfiguration.

🔹 Mitigations – workarounds that neutralize the vulnerability instead of patching: changing the registry key, changing the config, removing the application, blocking the port, isolating the device, etc.

And there is a button to perform an action on the asset (using an agent) with a choice of Remediations/Mitigations option.

It’s a logical step. Since they gave the ability to patch, why not give the ability to apply workarounds. But Qualys will have a lot of difficulties with this. 🫣

На русском

Tomorrow Qualys will host a major online event about Patch Management

Leave a reply

Tomorrow Qualys will host a major online event about Patch Management

Tomorrow Qualys will host a major online event about Patch Management. They promise to present the “groundbreaking new strategies” of “Patching goes Patchless”. Will they promote immutable infrastructure? Virtual patching? Something else? 🤔 We’ll see.

What else will there be, besides the keynote report by Qualys CEO?

🔹 CIS will talk about when to install patches (and when not to), minimizing disruptions to business.
🔹 Reports by CyberSec companies. InfoSys will tell you how to deal with 80-85% of critical security updates within 4-5 days. Novacoast will throw in a report “your tools don’t work”.
🔹 Client reports by JPMorgan Chase and Signature Aviation employees (judging by their social networks 😉).
🔹 2 product reports by Qualys about improving interaction with IT and “remediation beyond patching”.

The event will start at 9:00 AM PT and will last ~4 hours. I think the keynote and product reports are definitely worth checking out, the rest is optional.

На русском