Unveiling Enhanced Security Measures: Presenting Vulnerability Discovery Tools within VMDR
Qualys, a leading provider of cloud-based security and compliance solutions, has announced several enhancements to its Vulnerability Management Dashboard (VMDR) and Policy Audit, aimed at improving decision-making, focusing resources, and enhancing security.
Starting Q3, 2025, Qualys will extend its Vulnerability Detection Sources to Policy Audit. These sources, primarily developed by Qualys, provide robust vulnerability detection content and updates. While the specific third-party providers are proprietary, Qualys does integrate data from various external sources to ensure comprehensive vulnerability intelligence.
One of the key features of the Vulnerability Detection Sources is TruRisk Eliminate. This proactive approach allows organisations to address nearly 100% of CISA Known Exploited Vulnerabilities (KEVs), significantly reducing the risk of cyber-attacks.
The added visibility provided by these features will be invaluable to audit and compliance teams. It will help improve audit readiness and reporting accuracy, ensuring organisations remain compliant with industry standards and regulations.
To include source information, users can utilise the parameter vuln_detection_source=1. This feature is accessible via the Qualys API, with the endpoint for Vulnerability Detection Sources being /api/4.0/fo/asset/host/vm/detection/.
The XML output from the API provides a complete detection history, including the full list of sources and the most recent one. With this information, users can make informed decisions about their security posture.
In addition to these improvements, Qualys VMDR now offers an integrated approach that includes Automated Patching, Configuration-Based Mitigations, and Device Isolation. This holistic approach to vulnerability management ensures organisations can proactively address security issues and reduce their attack surface.
Furthermore, the TruRisk Eliminate feature is designed to transform vulnerability management from reactive to proactive. With it, organisations can prioritise external threats, eliminate risk with clarity and confidence, and accelerate time to remediation.
Lastly, with Policy Audit, users will be able to identify the exact sensor source that detected each compliance control failure. This level of detail will help organisations pinpoint areas for improvement and ensure they maintain a secure and compliant environment.
These updates demonstrate Qualys' commitment to providing robust, comprehensive, and easy-to-use security solutions. By harnessing the power of Vulnerability Detection Sources, TruRisk Eliminate, and Policy Audit, organisations can take a proactive approach to security and compliance, ensuring they remain protected against cyber threats.
