Defensive Strategies and Qualys VMDR – PSW #649

The crew talks about how to accomplish asset management, vulnerability management, prioritization of remediation, and the actual remediation steps! No small task! Then check out a deep dive demonstration of Qualys VMDR that includes, you guessed it, Asset Management, Vulnerability Management, Threat Detection & Prioritization, and Response!

To learn more about Qualys and VMDR, please visit: https://securityweekly.com/qualys

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Defensive Strategies and Qualys VMDR

The crew talks about strategies to achieve the following:

Asset Management – Why it is important and how you might accomplish this in your organization. In the cloud? Containers? OT?

Vulnerability Management – Do we need to find ALL the vulnerabilities? What other tactics can be used to find vulnerabilities that tie into a full VM program?

Prioritization – How do we define what is important and what is not? What factors go into prioritizing vulnerabilities?

Patching – The above 3 activities really mean nothing unless the teams can fix the problems found. What do organizations do to ensure that patches actually get applied? How important is it to automate patching so IT and Security teams can focus on other things?

Following this discussion is a great demo from Sumedh Thakar of Qualys of VMDR, a complete solution for the items we discussed at the top of the segment! Qualys VMDR is an end-to-end solution that cuts across the entire hybrid environment and one that is real-time, accurate, easy to deploy and operate.

Hosts

Jeff Man
Jeff Man – Sr. InfoSec Consultant
Lee Neely
Lee Neely – Senior Cyber Analyst
Paul Asadoorian
Paul Asadoorian – Founder & CTO
Tyler Robinson
Tyler Robinson – Managing Director of Network Operations

Guests

Sumedh Thakar
Sumedh Thakar – Chief Product Officer

Announcements

  • Learn how penetration testing reduces risk in our next live webcast with Core Security (a Help Systems Company). Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand.
  • Join the Security Weekly Mailing List by visiting securityweekly.com/subscribe and clicking the button to join the list! We will be starting to roll out our public Discord channel in the next week or so and our mailing list subscribers will get the first invites!
  • Join us at InfoSecWorld 2020 – June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • We are looking for high-quality guest suggestions for all of our podcasts to fill our Q3 recording schedule! Submit your suggestions for guests by visiting securityweekly.com/guests and submitting the form! We review suggestions monthly and will reach out to you once reviewed!