Qualys Endpoint Detection and Response

Endpoint Detection and Response (EDR) captures system activity to find indicators of compromise and action related to malware and threat actors that support investigation and response. It provides prevention, detection, and response across the entire attack life cycle. You only need one agent to perform critical security functions and respond to and remediate incidents in real-time. EDR provides active real-time monitoring and data collection and requires constant inspection, scanning, and data collection. To get started with EDR, build your inventory and configure cloud agents.

EDR Concepts and Terminologies

Following are some of the common concepts and terminologies that you might come across while using EDR:

Terms Description
Dashboard It visualizes a graphical summary of data such as vulnerabilities, assets, and other information. You can perform multiple actions on the dashboard, such as print dashboard, import dashboard, and version history. For more information, see Manage Dashboards
Criticality Criticality is also known as Asset Criticality Score (ACS). It has a criticality range from 1 to 5 and is calculated based on the asset tags assigned. For more information, see Understanding Asset Criticality Score.
QQL It is an acronym for Qualys Query Language. Using QQL, you can search queries to fetch information from the Qualys database. The query is a string of search attributes called search tokens. For more information, see Search Tokens for EDR .
Tags It is a flexible and scalable method to discover and organize assets in your infrastructure. For more information, see Configure Tags.
TruRisk Score It is a framework that allows you to identify the riskiest asset in your organization. Asset Criticality is the primary factor when the TruRisk score determines an asset's risk. For more information, see Prioritize Vulnerabilities using Qualys TruRisk.
Widgets Data displayed in dashboards is summarized using the widgets. You can use widgets such as Numerical, Bar, Table, and TruRisk Score to display specific information. Widgets can be added to new or existing dashboards. For more information, see Knowing Widgets.

Previous Release Notes

Refer to the Release Notes page for previous release notes in PDF.