Vulnerability management vendor Qualys this week announced the trial availability of its TotalCloud with FlexScan offering, an agentless, cloud-native vulnerability detection and response platform designed for use in multicloud and hybrid environments.The software is designed to provide a holistic overview of an organization\u2019s cloud-based workloads and identify known vulnerabilities. The system also scans workloads to check whether they\u2019ve opened network ports, and monitors a host of other factors to offer a detailed picture of a business\u2019 overall vulnerability status, tracking publicly exposed VMs (virtual machines), databases, user accounts and exploitable vulnerabilities in public-facing assets.The company said that many of TotalCloud\u2019s capabilities are designed to be no-code, allowing users to use a GUI (graphical user interface) to perform complex operational tasks such as quarantining assets and setting alert parameters, which would ordinarily require coding and be much more time-consuming.TotalCloud, Qualys added, is also designed as a devsecops tool for developers, allowing them to identify and correct security flaws at each step of the development process.TotalCloud features agentless designOne of TotalCloud\u2019s main selling points is its agentless design, meaning that no software has to run on the monitored assets, with the idea being that the software won\u2019t affect the workloads it is monitoring, according to IDC group vice president for security and trust Frank Dickson.\u201cAgentless security is a wonderful innovation to address imperfective approaches to application security within organizations,\u201d he said. \u201cEssentially, agentless security mitigates cross organization conflict resulting from developer objections as cloud operations is essentially examining the environment behind a virtual sealed pane of glass.\u201dWhat that also means, however, is that the agentless approach to security is essentially based on individual snapshots of the systems it\u2019s protecting, not on continuous, moment-to-moment monitoring. According to Dickson, this means that the system cannot protect workloads that spin up momentarily and then shut back down again between those snapshots.\u201cAdditionally, agentless solutions cannot extract activity telemetry like process information, L3\/L4 connections activity, memory analysis or other real time information,\u201d he noted. \u201cFinally, you are very limited in taking action without an agent so response and remediation actions are limited. A security professional will be limited in the ability to isolate a workload or redeploy a golden image without an agent.\u201dQualys said TotalCloud will be made generally available by the end of 2022.