Stay ahead of risk with Threat & Vulnerability. No heavy lift.

From a baseline to full exposure management, get continuous visibility, prioritised remediation guidance, and board‑ready reporting.

Request free* 60‑day T&V Base Book an upgraded security review

Resilient organisations treat vulnerabilities like financial risk: find issues early, quantify impact, and fix them before they become incidents. Wanstor’s Threat & Vulnerability provide a clear, evidence-led view of exposure across both internet-facing and internal systems. As a result, you can prioritise what matters most, focus engineering effort where it delivers the biggest impact, and reduce the likelihood – and cost – of compromise.

Threat & Vulnerability: Know your exposure. Prioritise fixes. Reduce risk.

Begin with our free 60‑day Base for 100+ employees to get agent‑powered visibility and actionable dashboards. When ready, move up to T&V Management or T&E Management to add credentialed network scanning, compliance benchmarks, web‑app testing, and cloud configuration reviews — all integrated into one reporting view.

Feature Threat & Vulnerability Base Threat & Vulnerability Management Threat & Exposure Management
Cloud Agent     
Network Scanner
Power BI dashboard reporting Limited (30‑day trend)
Monthly meeting & report
Quarterly workshop
Cloud configuration review

(Entra/Azure, AWS, GCP, GitHub)

 Up to 3 services included
Web application scanning Up to 5 web apps included
Compliance scans Included (Wanstor‑managed)
Remediation days Optional add‑on Optional add‑on

Request free 60-day Threat & Vulnerability Base*

 

See what’s exploitable — then fix what matters, first. With our free 60‑day Threat & Vulnerability Base for organisations with 100+ employees gives you agent‑powered insight and a clear, executive‑ready dashboard.

What you get:

  • Lightweight agent on supported devices, updating vulnerability data regularly.
  • Named security contacts get access to a dashboard with a rolling 30‑day view (severity, affected assets, and remediation guidance).
  • Fast visibility and proven value before scaling to T&V Management or T&E Management (see below).

*Free for organisations of 100 employees and above for the first 60 days. Subject to qualification and agent deployment.


Step up to Threat & Vulnerability Management

All Threat & Vulnerability Base capabilities plus:

  • A scheduled network scanner (internal/external IPs, credentialed for full detail).
  • Consolidated Power BI dashboard (hostname/IP, CVSS v3.1, CE filtering, historical trend).
  • Monthly consultant review with an exportable CSV of findings and agreed actions.

Note: Network appliance running costs are separate.

 

Go further with Threat & Exposure Management

Everything in Threat & Vulnerability Management plus:

  • Compliance scanning (CIS, NIS2‑aligned),
  • Web app scanning (OWASP Top 10),
  • Cloud configuration reviews across Azure/Entra, AWS, GCP, and GitHub, integrated into your central dashboard.
  • Monthly Top 10 review (Compliance, Web App, Cloud) and a quarterly workshop on attack‑surface reduction.

Note: Network appliance running costs are separate.

 

 

Book an upgraded security review

Get a sneak peek at a T&V dashboard

Curious about what your vulnerability insights will look like? Take a look below for a preview of the dashboard you’ll soon have access to:

What to expect during onboarding

  • Scoping & pack creation. We’ll hold a short call to confirm scope (device counts/OS, networks, targets). Based on this, our team generates a package to deploy the vulnerability‑scanning agent and schedules a brief Q&A to answer any setup questions.
  • Customer‑led deployment. You deploy the agent using your usual method (e.g., Microsoft Intune or Group Policy). We provide deployment notes and remain on hand during the Q&A. Once agents start reporting, we configure scanning and your dashboard.
  • Reporting access. To view dashboards and reports, you’ll need a Power BI Pro (or equivalent) licence.
  • Access model. Until you proceed as a customer, we do not take access to your environment — deployment and initial activation remain fully under your control. As a result, you retain complete oversight throughout the process.

 

How we handle your data

All vulnerability data is stored in a Wanstor‑managed data lake with tenant isolation. Dashboard access is governed by Power BI Row‑Level Security (RLS) for granular, role‑based visibility.

 

Optional remediation help

Outside patching covered by our Patch Management service, we can provide Remediation Days or T&M support (where we have admin rights or you hold authority to implement changes). Priorities focus on exploitable Critical/High, cloud misconfigurations, then remaining Critical/High items.

Ready for complete peace of mind?

Your complimentary T&V Base service gives you essential visibility and actionable insights. However, if you need advanced reporting, tailored remediation plans, and ongoing expert guidance, T&V Managed and T&E Managed are the next steps.

Frequently Asked Questions

1. What is Qualys Cloud Agent and why is it used?

In short, Qualys Cloud Agent is a lightweight, always-on agent installed on endpoints, servers, or VMs. Specifically, continuously collects asset data — hardware, software, and configuration — and sends it securely to the Qualys Cloud Platform for vulnerability management. Even when devices are offline, it works and updates automatically.

 

2. What data does the Cloud Agent collect?

  • System metadata: OS details, installed applications, configuration settings.
  • Network info: Open ports, services running.
  • Security posture: Vulnerabilities, missing patches, compliance status.
  • Important: The agent does not scan internal files or user data; it focuses on system configuration and software versions.

 

3. Does it impact performance?

Generally, the agent has a very low footprint — typically under 1% CPU usage, with peaks up to 5% during scans. Additionally, memory and disk usage are minimal.

 

4. How does the agent communicate with Qualys?

  • Outbound HTTPS (port 443) only; no inbound firewall changes required.
  • Uses TLS 1.2 or later for secure communication.
  • Sends differential updates to minimize bandwidth.

 

5. What platforms are supported?

Currently, Qualys Cloud Agent can be installed on Windows, Mac, and Linux devices.

 

6. How is the agent installed and activated?

You can install the agent manually, through Endpoint Central, or via Microsoft Intune. The installation is silent and does not require a device restart. Users won’t see any icons or prompts, as everything happens in the background.

 

7. How does the agent update?

The agent self-updates automatically when contacting Qualys platform. No manual intervention.

 

8. Does it work offline?

Yes. The agent continues collecting data even when offline and syncs automatically once internet connectivity is restored.

 

9. Privacy concerns – does it access personal data?

No. The agent does not access user files or personal content. Instead, it only collects system-level data for security and compliance purposes.

 

10. How often the agent scans the device?

By default, the agent scans the device every 4 hours. This ensures you always have the latest vulnerability information.

 

11. Do I need a Power BI licence?

Yes, to view live dashboards and reports, customers will need a Power BI Pro (or equivalent) licence within their environment.