Qualys announced that QualysGuard Vulnerability Management will now feature vulnerability prediction capabilities within a new dashboard and threat reports for zero-days and Microsoft Patch Tuesday Analysis.


These reports provide security professionals with insight into zero-days and upcoming security patches along with exposure ratings, helping them plan and prioritize remediation of the associated vulnerabilities including Verisign’s iDefense exclusive zero-day vulnerabilities and global threats.

“Analyzing the impact of Patch Tuesday and zero-day vulnerabilities is a challenging task for IT departments,” said Charles Kolodgy, research vice president, Secure Products for IDC. “Providing an instant view of where the impact of the new vulnerabilities are will help customers better assess their risk exposures and therefore allow them to allocate the needed resources to eliminate or mitigate these threats.”

Without launching any new scans, the new dashboard and threat reports leverage the vulnerability predictive analytics engine to provide the following:

• Dashboard widget that provides easy-to-read view of the latest Microsoft security bulletins including the percentage of potentially impacted IT assets in the network.
• Microsoft bulletin references linked to vulnerabilities with detailed descriptions of threat, impact and solutions, in addition to potential associated known exploits and malware from multiple sources.
• Vulnerability prediction report per Microsoft bulletin with affected host breakdown by asset groups in the network.
• Search capabilities to search, scan and report on vulnerabilities over specific time periods, affecting different products or software.
• Latest information and signatures for iDefense exclusive zero-day threats with customizable alerts on new zero-days along with a threat report providing the list of IT assets that are potentially impacted by the zero-day.

“Two years back we introduced a patch report in QualysGuard to help IT professionals drive remediation efforts more effectively,” said Philippe Courtot, chairman and CEO for Qualys. “Today we are taking another step forward by providing an innovative vulnerability prediction engine for zero-days and Microsoft Patch Tuesday vulnerabilities that predicts potential impact without the need to perform additional scans, so customers can take action the day of the release to minimize their risk of exposure.”