Qualys

Efficiently Manage Security Vulnerabilities Faster with QualysVM® and Puppet Remediate™
Puppet Remediate Request a demo 
qualys logo

Shared vulnerability data

With Puppet Remediate, InfoSec runs scans with QualysVM, but instead of manually exporting scan data into spreadsheets or PDFs, Puppet Remediate integrates with QualysVM, eliminating the need for manual data handover from InfoSec to IT Ops.  IT Ops receives read-only live scan data automatically with Puppet Remediate. With streamlined processes, InfoSec and IT Ops work better together, eliminating delays and risks of miscommunication.

Risk-based prioritization in a single dashboard

Hackers don’t attack what you think you have but what you really have. This makes asset discovery critical in your vulnerability management process. Puppet Remediate enables you to know what hardware and software you have in your infrastructure and shows what needs immediate attention.

Enhance the vulnerability risk score provided by QualysVM, multiplying the score by the number of nodes affected. Know what to fix first so you can take immediate action and remediate vulnerabilities starting from the most vulnerable nodes in your infrastructure.

Agentless remediation

Take immediate action on vulnerabilities with agentless tasks that you can run on your Linux or Windows hosts. Use pre-built tasks that allow you to manage packages and services and run shell commands. Upload your own scripts or use existing modules from the Puppet Forge. Reduce the time you spend fixing vulnerabilities from days to minutes.

How it works

  1. QualysVM discovers assets and their vulnerabilities
  2. Puppet Remediate pulls read-only scanning data automatically from QualysVM
  3. In Puppet Remediate’s dashboard, view a summary of vulnerabilities affecting your infrastructure
  4. In Puppet Remediate, filter by the most vulnerability hosts or by CVE for risk-based prioritization
  5. Fix vulnerability packages with agentless tasks
    • You can manage packages, manage services or run arbitrary shell commands, all secured with Role Based Access Controls.
    • It’s extensible by adding automation you provide, either by uploading scripts you use, or adding modules from Puppet Forge
  6. QualysVM then reports on remediation success, confirmed on the next scan
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.