The new tool, helps organizations quickly determine if the PCs in their environments have properly implemented the Top 4 Critical Security Controls, which the Council on CyberSecurity estimates can help companies prevent 85% of cyber-attacks.
"The Qualys Top 4 tool is an extremely elegant and effective solution that helps both small and large businesses determine how resilient they are to today's advanced threats, said Jonathan Trull, CISO for the State of Colorado. This is exactly the type of public-private partnership our country needs to address the cyber attacks threatening our economy and critical infrastructure."
Built on the QualysGuard Cloud Platform, the new Top 4 cloud service helps businesses easily and quickly identify whether Windows PCs in their environments have implemented the Top 4 controls for:
1. Application Whitelisting only allowing approved software to run.
2. Application Patching keeping applications, plug-ins and other software up to date.
3. OS Patching keeping operating systems current with the latest fixes.
4. Minimizing Administrative Privileges preventing malicious software from making silent changes.
IT Administrators can then use the reports from the free tool to track endpoints that are not in compliance and apply the necessary measures to make them more resilient to attacks.
The strength of the Critical Security Controls is that they reflect the combined knowledge of actual attacks and effective defenses from experts that have extensive knowledge about current threats, said Philippe Courtot, chairman and CEO of Qualys. We built this cloud service in collaboration with the SANS Institute and the Council of CyberSecurity to help organizations ensure that these controls are in place and as a result identify the PCs in their environments that require immediate attention.