Secure your IT Devices and Web Applications
From the Cloud
QualysGuard automates the full lifecycle of asset discovery, prioritization, security auditing and reporting for all IT infrastructures from a
unified cloud solution.
Network Discovery
Discover and prioritize all network assets that reside in your IT infrastructure on a global scale without the need to install any software. QualysGuard VM discovers all network devices, including desktops, servers, operating systems, applications, routers, firewalls, PDAs, wireless devices, as well as many other network elements.
Asset Tagging
Easily manage millions of assets within your IT infrastructure using QualysGuard powerful asset tagging capabilities. Apply dynamic tags based on scan results or other criteria to categorize assets into business units or asset groups and assign priorities using CVSS or a 5 tier rating system from Low to Critical.
Vulnerability Scanning
Scan your entire IT systems with the industry leading vulnerability management solution. Driven by the largest and most up-to-date KnowledgeBase of vulnerability checks in the industry, the QualysGuard scanners safely and accurately detect security vulnerabilities across your entire network. As cloud service, new signatures are delivered daily, giving users the ability to scan for the latest vulnerabilities and zero-days.
Flexible Reporting
Intuitive and easy-to-read reports provide both executive-level summaries and detailed technical analysis. QualysGuard VM provides a detailed description for each vulnerability identified with recommended solutions. QualysGuard provides powerful reporting options to customize reports, including the ability to present consolidated patch reports providing system administrators task-oriented, “out-of-the-box” remediation plans to fix vulnerabilities and reduce risk.
Integrated Remediation Workflows
QualysGuard's integrated remediation and trouble-ticketing workflow system is highly automated. The system generates tickets based on your policy rules and tracks each vulnerability until it is verifiably fixed. Integration with ticketing systems and helpdesk solutions is also available out-of-the-box.
Policy Compliance
QualysGuard PC extends the global scanning capabilities of QualysGuard VM to collect OS Configuration and Application Access controls from hosts and other assets within the enterprise, and maps this information to user-defined policies in order to accurately document compliance with security regulations and business mandates leveraging its comprehensive knowledgebase of regulations, industry standards and compliance frameworks.
PCI Compliance
QualysGuard PCI is the most accurate, easiest to use tool for PCI compliance testing, reporting and submission. QualysGuard PCI enables merchants and Member Service Providers to promptly complete the PCI self-assessment questionnaire, and conduct network and web application security scans to efficiently identify and eliminate security vulnerabilities. Qualys is an Approved Scanning Vendor (ASV).
Actionable Security Intelligence
QualysGuard scan data delivers the most accurate and up-to-date security intelligence about your IT systems including risk analysis estimates derived from previous scans. Combined with the remediation workflows and patch-reporting features of QualysGuard, you can use this intelligence to apply patches where needed and perform verification scans to confirm that patches were applied correctly.
Out-of-the-box Integrations with IDS/IPS
Out-of-the-box integrations with IDS/IPS systems provide customers with the ability to import QualysGuard scan data into these solutions, combining real-time network discovery information with active vulnerability scan data. This enables you to quickly determine if a host is actually vulnerable to a given exploit, saving valuable analysis time.
QualysGuard allows you to discover, catalog and scan all your web applications in an automated way to secure them from cyber attacks and malware infections.
Discover and Catalog
Using QualysGuard WAS you can discover and catalog your applications on an enterprise scale.
Asset Tagging
Apply dynamic tags to your web applications to categorize them and assign prioritization for scanning and reporting workflows.
Vulnerability Scanning
QualysGuard WAS simplifies the complexity and reduces costs of web application scanning with an intuitive, easy-to-use and automated solution providing an extremely low false positives rate and a dynamic user interface (UI) with clear workflows for scanning and reporting.
Malware Detection
QualysGuard MDS proactively scans web sites of any size, anywhere in the world for malware infections and threats providing businesses with automated alerts and in-depth reporting for effective remediation of identified malware.
PCI
QualysGuard WAS provides users an automated tool for evaluating web applications before and after development ensuring that applications are built and maintained in a secure way to comply with PCI requirement 6.6.
OWASP Top 10
Reports from QualysGuard WAS will categorize results according to OWASP Top Ten and Top WASC threats with details for each individual category.
Web Application Firewall
The new upcoming QualysGuard WAF service provides protection against known and emerging web application threats, affordably and with no equipment needed. QualysGuard WAF leverages intelligence from WAS and MDS to keep your web sites and visitors free from harm.
Integrations with WAF Solutions
Out-of-the-box integrations with leading WAF solutions allow customers to automatically apply virtual patches in real-time, reducing the attack surface of vulnerable web applications.
