Qualys, Inc. announced it is expanding Qualys CyberSecurity Asset Management (CSAM) to identify unmanaged and untrusted devices in real-time. Leveraging the Qualys Cloud Agent to continuously monitor the network, this passive discovery method complements scans, agents, and API-based discovery to build a comprehensive asset inventory, calculate the TruRisk of every asset, and eliminate risk based on business impact. With this new capability, Qualys CyberSecurity Asset Management strengthens its position as the industry leader in combining internal and external attack surface management.

By leveraging Qualys Cloud Agents to sniff network traffic, customers have identified an average of 34% more unmanaged and untrusted assets, seamlessly integrating them into their vulnerability management programs with business context and risk assessment. Qualys CyberSecurity Asset Management with passive sensing provides organizations with: Complete Internal Attack Surface Coverage: Incorporates the final component of a comprehensive asset inventory to detect risk from IoT devices, unauthorized cloud instances and any network devices that may have been previously missed. By adding previously unmanaged and untrusted network device inventory, organizations can perform automated vulnerability management and compliance scans to identify vulnerabilities and misconfigurations, calculate TruRisk, and prioritize remediation actions based on business risk?all within a single platform.

Lays the Foundation for Zero Trust Security Architecture: CyberSecurity Asset Management proactively identifies devices connected to the network that are not authenticated, missing security agents, or otherwise untrusted in real-time. This provides cyber risk assessment?without additional overhead, cost, or resource deployment. Turbocharges CMDB Accuracy and Coverage: Automatically add discovered assets to the configuration management database (CMDB), enabling IT with comprehensive visibility required to manage asset inventory lifecycle and remediate cyber risk.