IT Security vendor Qualys have added Asset Inventory to their Cloud Platform. They may be an unfamiliar vendor for IT Asset Managers but are leaders in the IT Security market, being the first to deliver a suite of security services such as vulnerability management and proof of compliance as a subscription service via the Cloud. With Asset Inventory they claim 2-second visibility of deployed software across On-Prem, Cloud, and BYOD endpoints, including containers. The Cloud Platform service is cloud-hosted as a managed service, direct with Qualys or via a partner.
At our UK Conference I called for closer engagement between ITAM & IT Security team and this is an example of the benefits available. Fundamentally, you can’t secure what you don’t know about, and for this reason the critical foundations for any security management system are continuously-updated hardware and software inventories. As a result, Qualys have effectively entered the ITAM inventory space as a by-product of their strategic delivery of a security infrastructure.
The new offering uses an organisation’s existing Qualys scanning infrastructure (typically consisting of a variety of agent-based and appliance-based scanners) to gather a full inventory of devices. The approach is similar to the agent-based discovery we’re familiar with as asset managers in that it still requires an agent to be packaged, deployed, and updated. Where it differs is that the single agent provides real-time data to a growing number of apps running on the Qualys Cloud Platform – for example Vulnerability Management, CMDB integration, PCI-DSS compliance, and Container Security. This has the potential to reduce discovery agent sprawl and improve endpoint performance. With multiple stakeholders relying on the agent infrastructure this should also mean that there is a desire to keep the discovery environment healthy, addressing inventory completeness issues often encountered by ITAM managers.
The benefits of this approach for inventory completeness appear to be clear. However, this product does not deliver all the functionality an ITAM team requires. It is just an inventory tool. Even the inventory normalisation component is only in beta at present. There is no functionality to combine inventory with license entitlement so at best it can only act as an inventory source alongside a full ITAM suite. It remains an interesting entry into the ITAM marketplace and may gain traction given the current C-Suite focus on security in response to worldwide cyber attacks such as WannaCry.
Qualys has indicated their interest in ITAM through this release, with a longer-term roadmap in the pipeline evidenced by the Beta programme that the company is running as well. Their existing API capabilities allow customers to build their own integrations with many third parties, and if they can leverage this to integrate the continuous discovery element of this tool with other vendors (Qualys already has an integration with ServiceNow CMDB, for example), it may become an even more valuable inventory source for ITAM Managers. Convergence between IT Security & ITAM tools is likely to continue because the regulatory framework (particularly GDPR & PCI-DSS) mandates policies and proof of compliance around application inventories, whitelisting, and processing for personal data. ITAM & ITSec integration is a key theme for 2018 and beyond and I urge ITAM professionals to engage with their ITSec teams to reap clear mutual benefits.
If you’re already a user of Qualys’ Cloud Platform I’d welcome your review in the ITAM Review Marketplace – you can submit a review for this or any other ITAM-related product via this link.