CyberSecurity Asset Management Overview
CyberSecurity Asset Management (CSAM) helps you discover, identify, classify, and manage all your assets—known and unknown—across your hybrid IT environment. It continuously gathers information on all assets, listing system and hardware details, running services, open ports, installed software, and user accounts. It provides continuous visibility and enriched context to help you assess asset criticality and risk exposure, enabling better security decisions.
Using a combination of Qualys sensors — Cloud Agents, Scanners, and Passive Network Sensors — CSAM collects and analyzes data about assets across hybrid environments, and delivers up-to-date, comprehensive, and continuous information about those assets as well as their security and compliance posture.
With CSAM, you get the following:
- Enriched asset data – hardware & software lifecycles, license categories, and more.
- Bi-directional synchronization of asset data with your CMDB.
- Ability to define and manage authorized and unauthorized software in your organization.
- Customizable reporting to meet internal and external needs (for example, standards compliance reporting).
- Alerting via email, Slack, Teams, or PagerDuty to inform you about assets requiring attention.
Explore the CSAM Product use cases.
How Does CyberSecurity Asset Management Work?
Key Features
Complete Asset Visibility
Discover all assets, including unmanaged, rogue, and shadow IT across on-premises, cloud, remote endpoints, and containers.
View Assets | Assets Discovered by CAPS |
Asset Inventory
Maintain a real-time, asset inventory enriched with context such as hardware, software, user activity, location, and business role.
Asset Details | Download Asset Details | Purge Assets |
External Attack Surface Management (EASM)
EASM helps you identify and monitor internet-facing assets—including unknown or forgotten ones—to reduce your external attack surface and prevent exposure to attackers.
EASM Overview | EASM Lightweight Scan |
Asset Criticality and TruRisk Score
The Asset Criticality Score (ACS) represents how vital an asset is to your business, while the TruRisk Score is a comprehensive risk assessment that combines ACS with vulnerability data to prioritize remediation efforts.
Asset Criticality Score | TruRisk Score |
Shadow IT Detection
It helps uncover unauthorized or unknown assets that may pose security risks. These assets are displayed under Inventory > Assets tab in CSAM.
View Assets | Asset Details |
Software Composition Analysis (SwCA)
SwCA provides real-time visibility into deeply embedded open-source software packages and commercial software components.
SwCA |
Smart Tagging and Search
CSAM organizes assets using dynamic tagging, making it easy to find exactly what you need—by location, environment, software, or any other attribute.
Tag Assets |