Five Hard Truths About Critical Infrastructure Protection When it comes to IT security, the odds are decidedly uneven. The perpetrators of these cyber attacks have access to what seems to be unlimited resources that they employ to automate the launch of thousands of attacks. In contrast, IT organizations are lucky if they can identify and […]
Five Hard Truths About Critical Infrastructure Protection
When it comes to IT security, the odds are decidedly uneven. The perpetrators of these cyber attacks have access to what seems to be unlimited resources that they employ to automate the launch of thousands of attacks. In contrast, IT organizations are lucky if they can identify and thwart the most rudimentary of attacks—never mind anything particularly sophisticated.
Looking to help IT organizations even the odds against hackers, Qualys today unfurled a new continuous monitoring cloud service that makes it easier to identify changes to the IT environment and send alerts to the appropriate tool for remediation.
Qualys CTO Wolfgang Kandek says that after an initial scan of the IT environment is completed, Qualys Continuous Monitoring will use subsequent scans to identify any changes to the environment. Should a change be discovered, the Qualys Continuous Monitoring service will make use of application programming interfaces (APIs) to send an alert about those changes, including changes to perimeter IP addresses or to a security information event management (SIEM) system, such as HP ArcSight or Splunk, using a Common Event Format (CEF).
Hackers and other digital miscreants are continuously scanning for system vulnerabilities. Once one is discovered, they generally change a setting on a system to make subsequent attacks more successful. In fact, it may be months before they exploit that vulnerability to the fullest extent. In much the same way that attackers are leveraging botnets and other technologies to discover those vulnerabilities, Kandek says Qualys is leveraging automated scans to discover unauthorized changes that would signal that such vulnerabilities are being exploited.
Those scans, says Kandek, can be set to run as often as an IT organization wants or the scans can be targeted to look for specific types of vulnerabilities.
IT security has clearly reached the point where reliance on manual processes isn’t going to be enough to secure the IT environment. Most organizations, however, don’t have the resources needed to continuously scan their environments. As a result, a shared cloud security service that distributes the cost of providing that level of continuous scanning is a huge help in a world where digital criminals have never been better equipped or more organized.
Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
