Skip navigation
1 2 3 ... 19 Previous Next

Qualys News

277 Posts
0

To help keep track of what happened at RSA Conference 2014, here's a quick list of Qualys' activities over the week:

 

Conference Events

 

New Blog Posts from Qualys Community

SSL Labs: Testing for Apple's TLS Authentication Bug: Updates to SSL Labs let you test for this newly-discovered (and now patched) bug.

MediaWiki DjVu and PDF File Upload Remote Code Execution Vulnerability: Deep-dive into only the third remote code execution vulnerability ever found to affect the MediaWiki platform.

 

Announcements

QualysGuard Continuous Monitoring enables customers to continuously monitor mission-critical assets throughout their perimeter and immediately get alerted to anomalies that could expose them to cyber attacks.

 

 

QualysGuard Web Application Firewall offers rapid deployment of robust security for web applications with minimal cost of ownership, and is constantly updated with new rules to keep up with application updates and newly emerging threats.

 

 

Top 4 Security Controls helps organizations quickly determine if the PCs in their environments have properly implemented the Top 4 Critical Security Controls, which the Council on CyberSecurity estimates can help companies prevent 85% of cyber-attacks. The Top 4 Security Controls are released in collaboration with the SANS Institute and the Council on CyberSecurity.

 

 

2014 SC Magazine Awards

 

 

Partnerships

  • Risk I/O: For businesses that need to understand the vulnerability and threat risks of their organization’s perimeter in real-time, the new integration enables them to sync their vulnerability data with Risk I/O’s threat processing engine, allowing organizations to gain visibility into their most likely vector for a breach.
  • AlgoSec Partners: The integration provides visibility into the risk levels of data center applications, enabling IT and security teams to effectively communicate with business stakeholders so they can “own their risk” by quickly taking the actions needed to mitigate IT security issues.
0

scawards2014_winnervert_553993_553994.jpgQualys is proud to announce that it was named Best Security Company earlier this week at the 2014 SC Magazine Awards. The awards acknowledge companies with superior security products that help customers tackle today’s most pressing information-technology (IT) challenges. The announcement was made on February 25, 2014 at the 17th annual SC Awards U.S. Gala in San Francisco, in conjunction with the annual RSA Conference. The criteria for the judging included: product line strength, customer base, customer service/support, research and development, and innovation.

 

“The SC Awards are the security industry’s most prestigious accolade, bestowed only to the most impressive companies in the security industry,” said Illena Armstrong, VP of editorial, SC Magazine. “Qualys can be very proud of this achievement and the many long hours of dedicated service that it represents.”

 

“We are honored to be named the Best Security Company by SC Magazine,” said Philippe Courtot, chairman and CEO, Qualys. “We share this honor with our customers and partners, who throughout the years, have been our guiding force to continue improving our existing cloud-based security and compliance solutions and design new innovative ones.”

 

Qualys also won the award for SC Award for Best Security Company in 2011. Read the full news release.

0

In collaboration with the SANS Institute and the Council on CyberSecurity, Qualys today announced a new free service to help organizations implement the Top 4 Critical Security Controls to fend off attacks. The new service, available at https://qualys.com/top4, helps organizations quickly determine if the PCs in their environments have properly implemented the Top 4 Critical Security Controls, which the Council on CyberSecurity estimates can help companies prevent 85% of cyber-attacks.

 

Qualys will unveil this free service with representatives from the SANS Institute and the Council on Cyber Security at the RSA Conference Booth #2821 today at 11:30 am PT.

 

"The Qualys Top 4 service is an extremely elegant and effective solution that helps both small and large businesses determine how resilient they are to today's advanced threats,” said Jonathan Trull, CISO for the State of Colorado. “This is exactly the type of public-private partnership our country needs to address the cyber attacks threatening our economy and critical infrastructure."

 

“This is the first time that a major security vendor has implemented a scoring and reporting algorithm that allows organizations to compare themselves with peers,” said Alan Paller, director of research for the SANS Institute. “Scoring like this is the only technique I have ever seen that causes organizations to implement the changes that lead to effective security.”

 

Read the full announcement.

0

Today at RSA Conference, Qualys announced its new Continuous Monitoring service, empowering customers to continuously monitor mission-critical assets throughout their perimeter and immediately get alerted to anomalies that could expose them to cyber attacks. The service gives organizations the ability to proactively identify threats and unexpected changes in Internet-facing devices within their DMZ, cloud-based environments, and web applications before they are breached by attackers, bringing a new paradigm to vulnerability management.

 

"At Ancestry.com, we have millions of visitors per month and many perimeter devices that we operate to secure against possible attacks,” said Deal Daly, VP of information technology for Ancestry.com. “The Qualys Continuous Monitoring service delivers real-time alerts of security and network configuration issues that we can proactively remediate.”

 

“The Cloud is expanding the boundaries of the corporate perimeter to include every browser, device or application that touches the Internet, leaving us more exposed to cyber-attacks than ever,” said Philippe Courtot, chairman and CEO for Qualys. “With our groundbreaking Continuous Monitoring service, companies can see their perimeter the way today’s hackers do, so that threats can be identified and addressed before they turn into breaches.”

 

Read the full release.

 

Qualys also announced today the general availability of its QualysGuard Web Application Firewall (WAF) service for web applications running in Amazon EC2 and on-premise. Deployed as a virtual image alongside web applications, the QualysGuard WAF can be set up and configured within minutes, enabling organizations to easily provide protection for their websites.

 

“Companies today are challenged with protecting their websites against attacks and complying with the Payment Card Industry (PCI) standard for transactions on their sites. But many organizations, especially smaller businesses, do not have the expertise or resources to effectively deploy WAFs,” said Charles Kolodgy, Research VP at IDC. “By introducing a lower cost, easy-to-use and deploy WAF cloud solution, Qualys can aid organizations in improving protection of their websites and web applications.”

 

The QualysGuard WAF cloud service provides rapid deployment of robust security for web applications with minimal cost of ownership, and it is constantly updated with new rules to keep up with application updates and newly emerging threats.

 

“Large organizations typically have thousands of web applications to protect, while smaller businesses don’t have the resources and IT staff to protect them,” said Philippe Courtot, chairman and CEO for Qualys. “The general availability our WAF service will offer customers the flexibility they need to protect their applications no matter where they reside and whether they have a few or thousands of them.”

 

Read the full announcement.

0

Risk_I_O_Logo.pngRisk I/O announced today that it has partnered with Qualys to integrate QualysGuard Vulnerability Management (VM) into Risk I/O, providing perimeter vulnerability scanning for its customers. For businesses that need to understand the vulnerability and threat risks of their organization’s perimeter in real-time, the new integration enables them to sync their vulnerability data with Risk I/O’s threat processing engine, allowing organizations to gain visibility into their most likely vector for a breach.

 

“The addition of perimeter scanning to Risk I/O enables organizations to scan their organization’s perimeter and receive a complete risk analysis in a one stop shop so they can take action quickly and lower their risk of a breach,” said Risk I/O Co-founder and CEO Ed Bellis. “We are pleased to partner with Qualys and integrate our solutions together giving customers a comprehensive solution that will ultimately help them become more secure and avoid data breaches.”

 

Read the full announcement.

0
Posted by qualys on Feb 19, 2014 in Qualys News

AlgoSec Partners with Qualys

44190_LogoAlgoSec.jpgAlgoSec, the market leader for Security Policy Management and Qualys today announced their partnership to enable businesses to manage security and risk across their organizations. With the partnership, the latest version of the AlgoSec Security Management Suite includes integration with QualysGuard Vulnerability Management (VM) to aggregate and score vulnerabilities associated with data center applications and their associated physical or virtual servers. This provides customers with unprecedented visibility into the risk levels of data center applications – even as they change - enabling IT and security teams to effectively communicate with business stakeholders so they can “own their risk” by quickly taking the actions needed to mitigate IT security issues.

 

“Today’s cyber-attacks have a direct impact on the bottom line, yet organizations lack the visibility to manage risk from the business perspective,” said Yuval Baron, Chairman, President and CEO, AlgoSec. “By integrating QualysGuard VM with our solution, we are changing this paradigm to provide application-centric vulnerability management, allowing organizations to manage security in the context of business and at the speed of business.”

 

The AlgoSec Suite, with application-centric vulnerability management is available immediately. The new solution will be demonstrated at RSA at AlgoSec’s booth #427.

 

To learn more about this solution, join us for a webcast on March 12 at 1pm ET on Managing Risk and Vulnerabilities in a Business Context. Read the full news release.

0

pathdefender.pngQualys today announced a partnership with PathDefender, the operator of the McAfee Secure Services, to provide QualysGuard® security and compliance solutions as part of its McAfee Secure services to make the Internet safer for consumers and businesses.

 

Founded by experts from Intel and McAfee, PathDefender provides security services for tens of thousands of website owners, protecting millions of consumers from malicious online activity. With this partnership, PathDefender will now integrate the QualysGuard Cloud Platform with the McAfee Secure Services delivering customers a full suite of solutions – including Vulnerability Management, Web Application Scanning, Malware Detection, and PCI Compliance – to protect their websites from cyber attacks.

 

“At PathDefender, we partner with leading security companies in our mission to keep the Internet safe,” said Timothy Dowling, CEO of PathDefender. “We are pleased to add Qualys’ industry leading cloud-based IT security and compliance solutions to the McAfee Secure Services to help our customers protect their websites from the latest threats and achieve PCI compliance, at a price they can afford and with premium customer support.”

 

Read the full announcement.

0

accuvant.jpgAccuvant, the Authoritative Source for information security, today announced its partnership with Qualys to launch the Vulnerability Management Solution (VMS), the latest innovative offering in its managed services portfolio.

 

VMS combines elements of Qualys’industry-leading QualysGuard Cloud Platform with Accuvant’s advanced security expertise and methodologies, providing enterprise-level organizations with a continuous vulnerability scanning and validation service. It enables enterprise organizations to outsource a critical function while ensuring protection so they can focus on other important aspects of their businesses.

 

“Accuvant has built an impressive portfolio of managed security and consulting services,” said Philippe Courtot, chairman and CEO of Qualys. “QualysGuard augments Accuvant’s offerings with an advanced vulnerability management platform, helping clients secure and protect IT assets on a continuous basis.”

 

Read the full announcement.

0
Posted by qualys on Jan 21, 2014 in Qualys News

Lumension Partners with Qualys

lumension.jpgLumension®, a global leader in endpoint management and security and Qualys today announced a strategic partnership to provide joint customers with comprehensive vulnerability assessment and patch management solutions.

 

Under the agreement, Lumension will exclusively offer QualysGuard Vulnerability Management (VM) to current Lumension Scan customers and provide additional support in transitioning those customers to QualysGuard VM as Lumension will End-of-Life its Lumension Scan product effective April 25, 2014. QualysGuard VM automatically detects vulnerabilities across the organization as a strong compliment to Lumension® Patch and Remediation, which, under the partnership, will be integrated with QualysGuard VM to help customers effectively apply and validate patches on their endpoint.

 

“Lumension selected Qualys for this very important technology transition because we believe they could best meet the extensive criteria required by our Scan customers’ need for a strong scan solution,” said Rich Hlavka, Senior Vice President, Business Development, Lumension. “We are also very excited about the integration of our core Lumension Patch and Remediation technology into QualysGuard as our joint customers will enjoy a comprehensive vulnerability management solution.”

 

Read the full announcement.

0

Qualys.jpgQualys announced today that it has received the Frost & Sullivan Global Market Leadership Award in Vulnerability Management for the third consecutive year. The award is based on independent analysis of the global vulnerability management market, including in-depth interviews with customers, partners and vendors.

 

“Ultimately, vulnerability management solutions must become as dynamic as the threat environment that they are designed to protect against,” stated Chris Kissel, industry analyst for Frost & Sullivan, in the report. He continued, “Qualys maintains its market leadership because of its strong technology cloud platform, ability to scale, and ease of use and deployment. Also, the company has successfully shown that it can rapidly innovate and deliver new capabilities suitable for customers of all sizes across vertical industries. This adaptability has allowed Qualys to consistently stay ahead in the innovation curve.”

 

Read the full report or the news release.

0

scawards2014finalist_489504.jpgQualys today announced that it has been named a 2014 SC Awards U.S. finalist for outstanding leadership and achievement in information security in five categories. Qualys was named a finalist for Best Security Company and for Best Customer Service. QualysGuard Vulnerability Management (VM) was named a finalist in the Reader’s Trust Award for Best Vulnerability Management Solution, and Qualys’ solutions were also recognized in two Excellence Awards, including:  QualysGuard Express for Best SME Security Solution and QualysGuard Policy Compliance (PC) for Best Regulatory Compliance Solution.

 

“We are honored to be recognized in these five categories that highlight the strength of our company vision, our solutions, and our world-class customer service,” said Philippe Courtot, chairman and CEO of Qualys. “We’d like to thank the SC Magazine judging panels along with our customers and partners for their support.”

 

“Each year, the SC Awards program benchmarks the achievements of the top IT security professionals in the industry,” said Illena Armstrong, VP, editorial, SC Magazine. “This is an event like no other. It gives solution providers and vendors an opportunity to connect with SC Magazine’s print and online audience in a unique setting while being recognized as one of the ‘best-of-the-best’ in the industry.”

 

Winners of this year’s SC Awards U.S. will be announced at a gala dinner and award ceremony to be held in San Francisco on Feb. 25, 2014. This is one of the most anticipated IT security events of the year and promises excitement and invaluable networking opportunities with some of the top corporate IT professionals in the country. To attend the awards, register at https://www.etouches.com/75414.

 

Read the full news release.

0

ism_gold_seal_2013.jpgQualys today announced that QualysGuard WAS won the 2013 Information Security™ Magazine (ISM) and SearchSecurity.com™ Reader’s Choice Award for Application Security. The eighth annual Readers’ Choice Awards surveyed Information Security readers, asking for their votes and ratings on top security products in 19 categories, with participants asked to only vote on the products in use in their environments. The QualysGuard WAS cloud service was rated the highest in the Application Security category for helping enterprises identify and remediate issues before attackers can find and exploit them.

 

 

As noted on SearchSecurity.com, the QualysGuard WAS cloud service enables the continuous discovery and cataloging of web applications in use within an organization both on-premise and in the cloud. Then QualysGuard WAS assesses each application’s security status, identifies design flaws, unpatched holes and malware and spins out a comprehensive report that security and DevOps teams can use to prioritize and address remediation efforts. The product also offers a variety of APIs so that scan data can be provided to other security and compliance systems. According to Searchsecurity.com, readers “lauded the ease with which the product can be implemented.”

 

“Web application security is now a problem of scale as web applications have proliferated along with the number of attacks targeting them. Now corporations have thousands of web applications to deal with and secure from cyber attacks,” said Philippe Courtot, chairman and CEO for Qualys. “We are proud to see QualysGuard WAS receive the 2013 ISM Reader’s Choice Award for Application Security, and we would like to thank our customers and partners who have been instrumental in helping us build such a scalable solution. Our cloud architecture has allowed us to deliver customers an accurate, easy-to-use, cost-effective web application scanning solution, and as a result we are seeing significant momentum in its adoption.”

 

QualysGuard Vulnerability Management was also named the Silver winner in Vulnerability Management in The 2013 ISM Readers Choice Awards. Read the full news announcement, or read the article on the winners.

0

Gartner_logo.pngQualys announced today that for the fifth time, it received the highest rating possible – a “Strong Positive” – for the fifth time in Gartner’s “MarketScope for Vulnerability Assessment.”* The report rates the offerings of 11 vendors using the evaluation criteria of market responsiveness and track record, sales execution/pricing, offering strategy, product/service, overall viability and customer experience.

 

“Our QualysGuard Cloud Platform and suite of security and compliance solutions are now in use by the majority of the Fortune 100 with expanding functionality to address the requirements for Cloud environments,” said Philippe Courtot, chairman and CEO for Qualys. “We are pleased to earn another ‘strong positive’ rating this year, and would like to thank our customers and partners for their support in helping us continuously innovate to deliver comprehensive services to meet their needs.”

 

To read the full report, visit http://www.qualys.com/marketscope2013. Read the full news announcement.

0

lieberman.jpgLieberman Software and Qualys today announced the integration between Enterprise Random Password Manager (ERPM) privileged identity management and the QualysGuard Security and Compliance Suite, providing customers with secure password management for authenticated scanning for IT security and compliance. Lieberman Software will exhibit this functionality this week at Qualys Security Conference 2013.

 

Authenticated scans require privileged identity information, which can be difficult to manage in a secure way. ERPM, Lieberman Software’s flagship privileged identity management product, automatically finds all privileged accounts in the enterprise and continuously tracks, secures and controls access to each account. With the integration of ERPM and QualysGuard, customers can manage privileged credentials in ERPM for authenticated security scans of IT resources, eliminating the need to maintain unsecure duplicate static passwords to initiate QualysGuard scans, and preventing IT administrators from attempting time-intensive manual password management actions.

 

“We’re pleased to announce our new partnership with Qualys,” said Philip Lieberman, president and CEO for Lieberman Software. “This integration was requested by some of our mutual enterprise customers to help them more efficiently manage expansive IT infrastructures. As large cloud environments and enterprises scale to vast numbers of systems, the need to automate privileged account management is essential to the security of all systems and devices.”

 

This integration is now available inthe newest version of ERPM. For more information see http://www.liebsoft.com/Qualys_Integration/. Read the full news announcement.

0

idc_image.pngQualys announced today that for the fifth consecutive year, IDC has ranked the company #1 for Worldwide Device Vulnerability Assessment Revenue Share, with 14.5% market share for 2012. The Worldwide Security and Vulnerability Management 2013-2017 Forecast and 2012 Vendor Shares report also shows Qualys has increased its market share in the overall category of Vulnerability Assessment (VA) for 2012, which includes both Device VA and Application VA. Qualys is ranked No. 2  with 9.4 percent market revenue share, up from 8.6 percent in 2011.

 

“Even with recent economic uncertainty, companies have continued to invest in security and vulnerability management due to the rise in threats and expanding government regulations,” said Charles Kolodgy, research vice president for IDC’s security products. “Organizations are looking for affordable solutions that reduce the complexity of effective risk management. With its cloud platform, Qualys continues to grow its market share by meeting this need with cost-effective, powerful,l automated solutions to help organizations monitor and protect against possible attacks while meeting compliance regulations.”

 

According to the report, revenue in the Security and Vulnerability Management (SVM) market was $4.2 billion in 2012 compared to $3.8 billion in 2011. IDC believes the SVM market will remain on a positive growth trajectory in 2013, with revenue anticipated to be $4.6 billion, and forecasts that the SVM market will reach $6.5 billion in 2017.

 

Read the full news announcement or IDC's Worldwide Security and Vulnerability Management 2013-2017 Forecast and 2012 Vendor Shares.

1 2 3 ... 19 Previous Next

Recent Comments

No recent comments.

Actions