Vulnerability management vendor Qualys this week announced the trial version of its TotalCloud with FlexScan product, an agentless, cloud-native vulnerability detection and response platform designed for use in multi-cloud and hybrid environments.
The software is designed to provide a holistic overview of an organization’s cloud-based workloads and identify known vulnerabilities. The system also scans workloads to check whether they have open network ports and monitors many other factors to provide a detailed picture of the overall vulnerability status of the enterprise, tracking publicly exposed virtual machines (VMs), databases, user accounts and public-facing exploitable vulnerabilities in assets.
Many of TotalCloud’s features are designed to be code-free, allowing users to use a GUI (graphical user interface) to perform complex operational tasks, such as isolating assets and setting alarm parameters, which typically require coding and are more time-consuming, the company said.
Qualys added that TotalCloud is also designed as a devsecops tool for developers, enabling them to identify and correct security vulnerabilities at every step of the development process.
TotalCloud uses an agentless design
One of TotalCloud’s key selling points is its agentless design, which means there’s no software to run on the assets being monitored. The idea is that the software won’t impact the workloads it’s monitoring, said Frank Dickson, IDC Group’s vice president of security and trust.
“Agentless security is an excellent innovation that addresses the imperfect approach to application security within organizations,” he said. “Essentially, agentless security mitigates cross-organizational conflicts caused by developer dissent because cloud operations are essentially inspecting the environment behind a virtual sealed pane.”
However, this also means that an agentless security approach is essentially based on a single snapshot of the system it protects, rather than on continuous, moment-to-moment monitoring. According to Dickson, this means the system cannot protect workloads that are temporarily started and then shut down again between those snapshots.
“Additionally, agentless solutions cannot extract active telemetry data such as process information, L3/L4 connection activity, memory analysis or other real-time information,” he noted. “Finally, action without agents is very limited, and therefore response and remediation are limited. Security professionals will be limited in their ability to isolate workloads or redeploy golden images without agents.”