Company Backgrounder
Highlights
QualysGuard is the most widely-deployed information security and compliance cloud solution in the world with over 6,000 customers including a majority of the Forbes Global 100 and a majority of the Fortune 100.
Ranked worldwide market leader in device vulnerability assessment by IDC for three consecutive years.
The QualysGuard Cloud Platform and suite of applications is the easiest-to-deploy, most accurate, comprehensive and affordable way to reduce information security risks and meet compliance requirements.
QualysGuard performs over 800 million IP scans/audits per year, with 9,500 scanner appliances in over 100 countries.
Qualys, Inc. is the pioneer and leading provider of information security and compliance cloud solutions with 6,000+ customers in over 100 countries, including a majority of the Forbes Global 100.
The QualysGuard® Cloud Platform and integrated suite of applications help businesses simplify security operations and lower the cost of compliance. Unlike traditional enterprise software solutions, QualysGuard delivers critical security intelligence on demand and automates the full spectrum of auditing, compliance and protection for IT systems and web applications.
Businesses and government agencies are more distributed today than ever before, and those multiple networks and geographic locations pose a particular challenge in scaling their security and compliance operations to keep ahead of the latest emerging threats. As a result, organizations are constantly facing too many vulnerabilities affecting too many applications — often without adequate resources to mitigate the security holes through timely patching. Traditional in-house enterprise security models are too slow, costly, and cumbersome to deal with this reality.
The QualysGuard cloud delivery model enables organizations to ensure their IT systems and web applications remain secure and in compliance with data protection mandates at all times for a fraction of the cost of traditional solutions. All of Qualys’ on-demand solutions can be deployed in hours anywhere around the globe, providing customers with a view of their security and compliance posture immediately. This comprehensive security intelligence has made QualysGuard the most widely deployed on-demand security solution in the world, performing more than 500 million IP audits per year.
Qualys Overview: Security & Compliance in the Cloud Age Corporate Brochure
Pioneering SaaS Security
Qualys was founded in 1999 at the height of the technology bubble, when Internet security was just beginning to appear on executive agendas. The company launched QualysGuard in December 2000, making Qualys one of the first entrants in the vulnerability management market. QualysGuard’s market entry was marked by a powerful combination of highly accurate and easy-to-use scanning technology that pioneered the revolutionary new approach to delivering security applications through the web that would become known as “Software-as-a-Service,” or SaaS.
Qualys’ customers were clearly impressed by the power and flexibility of the SaaS model: lower total cost of ownership, high scalability, centralized management from any Web browser, and continuous access to new and upgraded applications.
In 2005, Qualys extended its QualysGuard product line to help those customers better manage burgeoning IT compliance requirements, which are inextricably intertwined with vulnerability management—including what has now become the Payment Card Industry Data Security Standard (PCI DSS).
Qualys’ move into IT compliance management has particularly benefited the company’s client base in such heavily regulated
industries as financial services, retail, manufacturing, government and health care. In 2008, Qualys introduced QualysGuard Policy Compliance; which extended the platform’s global scanning capabilities to collect IT compliance data across the organization and map this information into policies to document compliance for auditing purposes.
Since that time, Qualys has continued to broaden the scope of its on-demand services to address new threat vectors, particularly web sites and web applications, with the releases of Qualys Guard Web Application Scanning (WAS), Qualys Guard Malware Detection, Qualys SECURE Seal and most recently with the introduction of the QualysGuard Web Application Firewall (WAF) for automated protection of web sites.
At the RSA Conference in 2012 USA, Qualys introduced new services and major technological innovations to the QualysGuard Cloud Platform extending its capabilities to help customers improve the security of their IT systems and applications, further automate their compliance initiatives for IT-GRC, and provide online protection against cyber attacks while reducing operational costs and increasing the efficiency of their security programs.
In an ongoing effort to make security and compliance easy and affordable for businesses of all sizes, Qualys also now offers several free security services, including BrowserCheck, FreeScan and SSL Server Test, which have proved particularly popular with smaller businesses.
QualysGuard has received multiple awards and top ratings from leading industry analysts and technical publications.
2012 SC Magazine Europe Information Security Vendor of the Year
2011 SC Magazine Best Security Company
SC Magazine Best Vulnerability Management Solution for 6 of the last 7 years
Best SME Solution of the Year for 2011 and 2012
Qualys Momentum
Recognized as one of the fastest-growing software companies, Qualys attributes its phenomenal growth to its customers, who recognize the benefits of the cloud model and have enshrined it at the heart of their security and compliance efforts. That customer satisfaction is underpinned by Qualys’ deep commitment to research and development, with more than half of the company’s personnel dedicated to driving product innovation.
Qualys’ flagship product, QualysGuard Cloud Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance posture, while drastically reducing their total cost of ownership. The QualysGuard applications, including vulnerability management, policy compliance, web application scanning, malware detection and Qualys SECURE service for security testing of web sites, are used today by more than 6,000 organizations in over 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100, and perform more than 600 million IP scans/audits per year.
To further build its reach, Qualys has also secured strategic agreements with managed services providers, including BT, Dell SecureWorks, Fujitsu, IBM NTT, Symantec, Verizon and Wipro. These relationships, coupled with the QualysGuard platform’s ability to seamlessly integrate with other critical security applications, have significantly increased adoption of Qualys’ cloud information security and compliance solutions.
The QualysGuard Security and Compliance Suite – built on Qualys’ cloud platform – incorporates the following applications, all of which are delivered as a service; there is no new software to deploy or infrastructure to maintain.
Discovers all devices and applications across the network, at the same time identifying and mitigating the vulnerabilities that make network attacks possible.
Helps organizations pass security audits and document compliance tied to corporate security policies, laws, and industry regulations, supporting the requirements of both internal and external auditors.
Provides small and medium-sized businesses with enterprise-level scanning and reporting that’s easy to implement and maintain, and enabling large corporations to meet PCI compliance requirements for data protection on a global scale.
Provides automated crawling and testing for custom web applications to identify vulnerabilities including for cross-site scripting and SQL injection. The automated service enables regular testing that produces consistent results, reduces false positives, and easily scales to secure large numbers of Web sites.
Is a free service that proactively scans web sites of any size, anywhere in the world, for malware infections and other threats, sending alerts to web site owners. The enterprise edition with advanced reporting and notification options enables businesses to scan and manage a large number of sites, preventing web site black listing and brand reputation damage.
Protects web sites from unwanted requests and a range of online threats from spammers to SQL injection to DDoS, and provides increased web site performance through caching, compression and content optimization. QualysGuard WAF will be available in a limited beta in Q2 2012. For more information or to sign up for the beta, visit: www.qualys.com/waf.
Enables online businesses of all sizes to scan their web sites for the presence of malware, network and application vulnerabilities, as well as SSL certificate validation. Once a web site passes all four security scans, the service generates a Qualys SECURE seal for the merchant to display on their web site, demonstrating to visitors that the company is committed to security.
