Cloud based security platforms are must have

Marco Rottigni, Chief Technical Security Officer EMEA, Qualys.
Marco Rottigni, Chief Technical Security Officer EMEA, Qualys.
by
3 years ago

Multiple integrated applications process the telemetry collected by a set of specialised sensors across the organisations’ digital estate — on-premises, in cloud, containerised, mobile IT and OT. They will enrich the security context to deliver functional consolidation, resource optimisation, and operational effectiveness to achieve three results: building a security-oriented and updated asset inventory of the entire infrastructure, empowering the prevention with threat-based prioritised remediation of the vulnerable surface, and augmenting detection and response capabilities.

If we look back about five years ago, to build a new service you would have needed to invest in rack space; provision the servers and storage; ensure the proper connectivity; install the software needed; and size the computational power for the growing data.

Analytics will derive the high-level situational awareness that you need to support strategic decisions

Fast forward today, in the cloud, you can scale resources granularly to expand or to shrink the relevant part of your service: database, storage, computing power.

AI will learn baselines and process immense quantities of data in no time. Analytics will derive the high-level situational awareness that you need to support strategic decisions. Security solutions are also tremendously benefiting from these trends!

Cloud based security platforms are no longer a nice to have but a must have. With the amount of threat and incident related data that is collected and correlated, cloud is the only answer.

AI will learn baselines and process immense quantities of data

With improvements in AI and Analytics, Cloud Security platforms like Qualys can sift through trillions of data points and distil them into actionable intelligence making the CISO’s life a lot easier and enabling companies to embrace digital transformation with open arms

The last 12 months saw old perimeters disintegrate and the emergence of identity or the individual as the new security perimeter. Mobile computing happens on devices connected through networks that are much harder to control. The OT-verse is merging or clashing with a more modern, more resilient IT-verse; exposing vulnerable attack surfaces that, if compromised, have side effects beyond bits, into the world of atoms.

Security solutions are tremendously benefiting from these trends

Attackers and threat actors did react to these changes, targeting as usual the weakest links – the user, who is now much more exposed than before because of a weaker security posture and the supply chain, as it is often easier to infiltrate than the final target.

The most effective solutions will be the ones that do not require infrastructural overload with heavy on-premises installations, but instead, leverage the SaaS model and the cloud to deliver the needed scale and performance, on demand.


The first step is to build an asset management system with security built-in and understand the threat and risk context of the new infrastructures. Second, increase accuracy of prevention with a risk-based prioritised remediation of the vulnerable surface. Third, augment your early detection capabilities and your response velocity and effectiveness to mitigate the risk of compromise. Finally, act on all the different environments composing your digital estate and provide situational awareness and expose the risk appetite to the board, in business terms that they understand.


With improvements in AI and Analytics, cloud security platforms can sift through trillions of data points and distil them into actionable intelligence.

Don't Miss

Qualys, Sumedh Thakar,

Qualys Debuts Industry’s First Risk Operations Center (ROC) in the Cloud

Qualys has announced the launch of the industry’s first Risk Operations Center
Sumedh Thakar, president and CEO of Qualys

Qualys Expands TruRisk Eliminate to Mitigate Cyber Risk Without Patching

Qualys has introduced TruRisk Eliminate, a remediation solution that goes beyond patching