Qualys Indication of Compromise IOC 2.0 Now Provides Advanced Attack Detection, Investigation, and Response Capabilities
FOSTER CITY, Calif., July 29, 2019 /PRNewswire/ -- Qualys Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutions, today announced a major update of its Indication of Compromise (IOC) solution, an integrated app delivered on the Qualys Cloud Platform.

"Qualys IOC now provides enhanced attack detection, investigation, and response for security analysts, incident responders, and managed security service providers. Leveraging the same Qualys Cloud Agent already deployed for an organization's asset inventory, vulnerability management, policy compliance, and patch management programs, Qualys consolidates functions and advanced capabilities to provide broad and deep security coverage," said Philippe Courtot, chairman and CEO, Qualys, Inc.

Qualys IOC 2.0 new detection, investigation, and response capabilities include:

Behavior-based Scoring Engine to Prioritize Response
Security analysts often waste valuable time chasing false alarms, ghost alerts, and non-impactful malware infections with solutions that have a single scoring dimension. Qualys IOC's new incident scoring engine factors in additional behavior attributes including file analysis, process state, and network connections to prioritize responses based on how the attack is behaving in the network. This enables security analysts to respond to the most critical attacks first.

Enhanced Attack Detection Using Comprehensive File Reputation Threat Feed
Qualys IOC extends the detection of malicious, suspicious, and fileless attacks that are often missed by anti-virus agents through the native integration of a leading file reputation threat feed provider. This enhances attack detection while eliminating the cost and complexity required by other solutions to correlate events in external SIEMs that cannot scale to handle the event volume associated with modern attacks.

Real-Time and Historical Views of Attack Patterns Speed Investigation and Response
Powered by Qualys' highly scalable Elasticsearch clusters, IOC now stores raw event telemetry and post-processed attack indicators across multiple dimensions: time-series and current state indexes. This enables security analysts to quickly answer and respond to the two most important questions to speed investigation and response: "Is the attack still live in my network?" and "At what point i...