Maintain full, instant visibility of all your global IT assets.
Continuous discovery and 2-second visibility
Asset Inventory constantly gathers information on all assets, listing installed software, existing vulnerabilities and hardware details. Clicking on an asset record lets you see all the details Asset Inventory has collected about it. A powerful search engine lets you do ad hoc queries and refine them using different criteria.
With Asset Inventory, you can detect a variety of issues, such as unauthorized software, or IT policy violations like the disabling of a personal firewall or the lowering of an app’s security settings.
A certified application synchronizes Qualys Asset Inventory data with ServiceNow’s Configuration Management system. Device changes are immediately transmitted to the Qualys Cloud Platform and then synchronized with ServiceNow. For customers, this means an end to unidentified and misclassified assets, and to data update delays, all of which increase chances of breaches.
Real-time monitoring with Cloud Agents
In addition to Qualys network scanners, Asset Inventory leverages our Cloud Agents, which are lightweight, self-updating and run in the background. They continuously assess the compliance and security status of assets they reside on, including intermittently connected ones, without needing scan windows nor credential management.
Access a complete, searchable IT asset inventory
You can’t protect – nor defend yourself from – what you don’t know is in your network, like unapproved devices and unauthorized software. Qualys gives you full horizontal visibility of all hardware and software, scaling up to millions of assets – on premises, in cloud instances and mobile endpoints.
- Continuously collects and feeds system, compliance, and security data from IT assets into the Qualys Cloud Platform for aggregation, indexing, correlation and analysis
- Covers all bases with a variety of data discovery and collection sensors, such as:
- Physical and virtual appliances that scan IT assets on premises, in private clouds, or in virtualized environments
- Cloud appliances that remotely scan your IaaS and PaaS instances in commercial cloud platforms
- Lightweight, all-purpose Cloud Agents that continuously monitor assets they’re installed on, such as laptops
- Has a powerful search engine that lets you craft complex queries combining multiple asset criteria and that returns results instantly, so in two seconds you can find out:
- How many PCs from a particular manufacturer do we have in our environment?
- Which of our IT assets are impacted by a specific vulnerability?
- Which servers are running an OS that its vendor recently stopped supporting?
- Which IT assets have a particular piece of software installed?
- How many Lenovo laptops running the latest version of Windows 10 and located in my India office have a particular vulnerability?
Get a granular, deep view into asset components
Qualys gives you deep visibility into the assets, granting you a detailed, multidimensional view of each one that encompasses both its IT and security data. You can flag issues such as configuration problems, security risks, IT policy violations and regulatory non-compliance with an asset profile that includes a wealth of data, such as:
- Hardware specs
- Installed software, including applications, OS, drivers, utilities and plug-ins
- Network connections
- Approved users, and usage logs
- Installed patches
- Open vulnerabilities
- Services, file systems, running processes and registry keys
- Virtualized environment details, such as the constant proliferation of internal and external images
- Geographic location and time zone
- IT policy compliance settings
Get real-time, continuous inventory updates with Qualys Cloud Agents
An IT asset inventory loses its value if its data gets stale. New vulnerabilities are disclosed every day. Old ones can suddenly become more dangerous. A laptop can quickly go from secure to compromised. Qualys complements its physical, virtual and cloud scanners with its revolutionary Cloud Agents, which:
- Are lightweight and, after the initial comprehensive asset assessment, only report detected changes, so they have a minimal impact on systems and networks
- Run in the background and update themselves
- Continuously assess the asset’s security and compliance status
- Can be installed in assets that are on premises, in cloud instances and mobile endpoints
- Are deployed via a flexible, compact agent installer
Highlight and rank criticality of assets
Not all assets carry the same weight within your organization. Asset Inventory lets you tag your assets, so you put relevant labels on them in the inventory and organize them in multiple ways. For example, you can specify which assets fall within the scope of PCI DSS (Payment Card Industry Data Security Standard) compliance.
- Supports tagging of assets for easy labeling and identification, instantly adding business context to your inventory
- Gives you the ability to apply tags manually or configure rules and parameters for automatic tagging
- Supports creating any kind or any number of hierarchies, and giving assets as many tags as you want
- Calculates criticality based on an asset’s aggregated and consolidated system, security, and compliance data, as well as established hierarchies and priorities
Visualize with customizable dashboards and powerful reports
It’s essential to graphically display and document IT inventory data so that you can act on insights and prevent and address threats. Asset Inventory’s interactive, customizable dashboard and powerful reporting capabilities let you visualize and share the security, configuration and compliance status of IT assets.
- Leverages robust search engine to let you turn queries about IT assets into dashboard widgets updated in real time, so you don’t have to manually run a frequent query
- Displays widget data in various ways using graphs, tables and charts
- Lets you establish thresholds and alerts you when they’ve been reached, for example, by changing a widget’s background color from green to red
- Allow you to create different dashboards and reports tailored for different purposes and users, such as InfoSec pros, compliance/risk managers, and CSOs
Integrate with your CMDB
IT asset inventory solutions must link up with your CMDB (configuration management database) and continuously feed it fresh, detailed data. That way, the CMDB can better illustrate and map the relationships, connections, hierarchies and dependencies among IT assets. The Qualys App for ServiceNow CMDB syncs information about assets Qualys discovers into ServiceNow.
- Allows IT departments to be more effective at a variety of critical tasks, such as change management, service requests, incident response, system repair and impact analysis
- Eliminates the need for IT staffers to manually update the CMDB with granular system, security and compliance data on new and changed assets across an IT environment
- Supports flexible configuration for multiple Qualys accounts/API sources and synchronization schedules
- As required by ServiceNow, stages changes to the ServiceNow CMDB for user approval before writing them to the CMDB
- Features preconfigured table transform maps for open ports, assets, network interfaces, software, processors and volumes, as well as preconfigured reports
Powered by the Qualys Cloud Platform
See the results in one place, in seconds. With AssetView, security and compliance pros and managers get a complete and continuously updated view of all of their IT assets — from a single dashboard interface. Its fully customizable and lets you see the big picture, drill down into details, and generate reports for teammates and auditors. Its intuitive and easy-to-build dynamic dashboards aggregate and correlate all of your IT security and compliance data in one place from all the various Qualys Cloud Apps. With its powerful elastic search clusters, you can now search for any asset – on-premises, endpoints and all clouds – with 2-second visibility.
Centralized & customized
Centralize discovery of host assets for multiple types of assessments. Organize host asset groups to match the structure of your business. Keep security data private with our end-to-end encryption & strong access controls. You can centrally manage users’ access to their Qualys accounts through your enterprise single sign-on (SSO). Qualys supports SAML 2.0-based identity service providers.
Deploy from a public or private cloud — fully managed by Qualys. With Qualys, there are no servers to provision, no software to install, and no databases to maintain. You always have the latest Qualys features available through your browser, without setting up special client software or VPN connections.
Scalable and extensible
Scale up globally, on demand. Integrate with other systems via extensible XML-based APIs. You can use Qualys with a broad range of security and compliance systems, such as GRC, ticketing systems, SIEM, ERM, and IDS.
Feel free to contact E-SPIN for the requirement inquiry, consultancy and solution delivery.