Free tool helps fend off most cyber attacks
Posted on 26 February 2014.
Today at the RSA Conference Qualys announced that it has collaborated with the SANS Institute and the Council on CyberSecurity to release a new free tool to help organizations implement the Top 4 Critical Security Controls to fend off attacks.

The new tool, helps organizations quickly determine if the PCs in their environments have properly implemented the Top 4 Critical Security Controls, which the Council on CyberSecurity estimates can help companies prevent 85% of cyber-attacks.

"The Qualys Top 4 tool is an extremely elegant and effective solution that helps both small and large businesses determine how resilient they are to today's advanced threats,” said Jonathan Trull, CISO for the State of Colorado. “This is exactly the type of public-private partnership our country needs to address the cyber attacks threatening our economy and critical infrastructure."

Built on the QualysGuard Cloud Platform, the new Top 4 cloud service helps businesses easily and quickly identify whether Windows PCs in their environments have implemented the Top 4 controls for:

1. Application Whitelisting – only allowing approved software to run.
2. Application Patching – keeping applications, plug-ins and other software up to date.
3. OS Patching – keeping operating systems current with the latest fixes.
4. Minimizing Administrative Privileges – preventing malicious software from making silent changes.

IT Administrators can then use the reports from the free tool to track endpoints that are not in compliance and apply the necessary measures to make them more resilient to attacks.

“The strength of the Critical Security Controls is that they reflect the combined knowledge of actual attacks and effective defenses from experts that have extensive knowledge about current threats,” said Philippe Courtot, chairman and CEO of Qualys. “We built this cloud service in collaboration with the SANS Institute and the Council of CyberSecurity to help organizations ensure that these controls are in place and as a result identify the PCs in their environments that require immediate attention.”


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th