Organizations grappling with the threat of ransomware can now turn to a new tool to better identity the ways in which they’re vulnerable to attack. Available starting Oct. 5, Qualys’ Ransomware Risk Assessment service is designed to help you identify and track the data and other assets most susceptible to the threat of ransomware. Security vulnerabilities are matched with available patches that you can deploy directly using Qualys’ Zero-Touch Patch tool.
SEE: How to prevent another Colonial Pipeline ransomware attack (TechRepublic)
Cybercriminals like to exploit known security holes to launch their attacks and compromise key assets. But organizations often fail to keep up with the latest patches, leaving their systems, data and networks at risk. The goal behind the Ransomware Risk Assessment is to track down the most vulnerable assets, identify the necessary security patches and provide a way to roll out those patches.
Based on research and knowledge from the Qualys research team, the Ransomware Risk Assessment tool offers the following key details and capabilities.
- A view of internet-facing assets exposed to ransomware due to vulnerabilities or misconfiguration.
- A list of the assets affected by each security vulnerability or misconfiguration.
- An overview of all unpatched vulnerabilities.
- Recommendations for the most critical vulnerabilities on which you should focus.
- The ability to track and measure your effectiveness at responding to vulnerabilities and misconfigurations.
- Best practices from CISA to ward off ransomware attacks.
Patch management itself is a major challenge for many organizations as they struggle to keep up with all the security vulnerabilities affecting their assets. Research from Qualys indicates that it can take users as many as 194 days on average to install a patch for a ransomware-related flaw.
After your vulnerable assets have been identified via the Risk Assessment tool, you can turn to the Qualys Zero-Touch Patch tool, which offers its own 60-day free trial. This service provides an automated patching feature to help you quickly respond to known vulnerabilities.
“Ransomware risk is top of mind for CISOs who are no longer satisfied with reactive tools and generic guidelines,” Qualys CEO and president Sumedh Thakar said in a press release. “They want actionable information to reduce risk proactively. The Qualys security team has extensively researched past ransomware attacks as well as CISA, MS-ISAC and NIST guidance and operationalized it into a prescriptive, actionable plan so companies can proactively remediate to stay ahead of ransomware attacks and reduce their overall risk.”
As part of Cybersecurity Awareness Month, Qualys is offering the Ransomware Risk Assessment tool at no cost for the first 60 days. To sign up for the free 60-day trial, go to the Qualys Ransomware Risk Assessment online form. Beyond the 60 day trial, the cost of the service varies based on volume and number of assets. Contact Qualys directly for information on pricing and other details.