{"id":49174,"date":"2022-11-04T20:45:00","date_gmt":"2022-11-04T20:45:00","guid":{"rendered":"https:\/\/www.csoonline.com\/article\/3678852\/qualys-previews-totalcloud-flexscan-for-multicloud-security-management.html#tk.rss_security"},"modified":"2022-11-04T20:45:00","modified_gmt":"2022-11-04T20:45:00","slug":"qualys-previews-totalcloud-flexscan-for-multicloud-security-management","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/qualys-previews-totalcloud-flexscan-for-multicloud-security-management\/","title":{"rendered":"Qualys previews TotalCloud FlexScan for multicloud security management"},"content":{"rendered":"
<\/div>\n

Vulnerability management vendor Qualys this week announced the trial availability of its TotalCloud with FlexScan offering, an agentless, cloud-native vulnerability detection and response platform designed for use in multicloud and hybrid environments.<\/p>\n

The software is designed to provide a holistic overview of an organization\u2019s cloud-based workloads and identify known vulnerabilities. The system also scans workloads to check whether they\u2019ve opened network ports, and monitors a host of other factors to offer a detailed picture of a business\u2019 overall vulnerability status, tracking publicly exposed VMs (virtual machines<\/a>), databases, user accounts and exploitable vulnerabilities in public-facing assets.<\/p>\n

The company said that many of TotalCloud\u2019s capabilities are designed to be no-code, allowing users to use a GUI (graphical user interface) to perform complex operational tasks such as quarantining assets and setting alert parameters, which would ordinarily require coding and be much more time-consuming.<\/p>\n

TotalCloud, Qualys added, is also designed as a devsecops<\/a> tool for developers, allowing them to identify and correct security flaws at each step of the development process.<\/p>\n

TotalCloud features agentless design<\/h2>\n

One of TotalCloud\u2019s main selling points is its agentless<\/a> design, meaning that no software has to run on the monitored assets, with the idea being that the software won\u2019t affect the workloads it is monitoring, according to IDC group vice president for security and trust Frank Dickson.<\/p>\n

\u201cAgentless security is a wonderful innovation to address imperfective approaches to application security within organizations,\u201d he said. \u201cEssentially, agentless security mitigates cross organization conflict resulting from developer objections as cloud operations is essentially examining the environment behind a virtual sealed pane of glass.\u201d<\/p>\n