Qualys has announced a partnership with MetricStream to create a framework that enables customers to identify, report and remediate vulnerabilities.

A combination of the MetricStream IT-GRC Solution and QualysGuard Vulnerability Management, it provides a single robust framework to automatically monitor and capture all asset and network vulnerabilities and route them through a systematic process of investigation and remediation.

According to the companies, this integration enables customers to quickly identify and report on the vulnerabilities affecting business-critical assets, map security issues to business applications, and aggregate and rollup risk information across their enterprise for proactive mitigation.

It works by the QualysGuard VM locating and identifying network devices and applications, and scanning them for vulnerabilities. It then provides detailed information on the nature of those vulnerabilities.

MetricStream IT-GRC then imports this data in real time and initiates immediate remedial action by assigning investigative responsibilities to the appropriate personnel. Automatic alerts ensure that action plans are carried out to closure, while advanced dashboards and reports provide in-depth visibility of the status of each case, enabling real-time tracking and trend analysis.

Philippe Courtot, chairman and CEO of Qualys, said: “Companies must keep up with rapidly changing regulatory requirements, while protecting data and assets against the latest security threats. The integrated MetricStream and QualysGuard solution gives management the visibility required to effectively manage security risks and ensure compliance.”

Vidya Phalke, CTO at MetricStream, said: “IT security managers are under enormous pressure to protect IT assets: a task that becomes more challenging as networks grow more complex and security threats become more sophisticated.

“The use of virtualised infrastructure is rising: smartphones and tablets are proliferating; reliance on managed IT services is increasing; and business managers are independently driving the adoption of cloud applications.

“These trends are introducing a whole new class of risks and threats that enterprises need to deal with. Our partnership with Qualys will strengthen organisations' ability to tackle these security risks and compliance challenges.”