Define, Audit and Document
IT Security Compliance Through the Cloud
Create Policies to Meet Corporate or Regulatory
Initiatives such as SOX, HIPAA, FISMA and More
Access a Comprehensive Policy & Controls Library Based
on Industry Standards such as CIS, NIST, COBIT & More
Identify Policy Violations Against Technical
Controls with Automated Scanning
Meet and Document Compliance with
Detailed Reporting Options
Easily Create and Manage Exceptions Per
Policy to Support Business Requirements
Turnkey Deployability and Unprecedented Scalability
with No Software to Install, Update or Maintain
QualysGuard® Policy Compliance
IT security, audit and compliance groups are under constant pressure to help the business comply with multiple regulations, and meet the demands of internal and external auditors. In addition, many regulations contain requirements pertaining specifically to the integrity and security of the IT environment.
Using QualysGuard® Policy Compliance (PC) an organization can reduce the risk of internal and external threats, while at the same time provide proof of compliance demanded by auditors across multiple compliance initiatives. QualysGuard PC provides an efficient and automated workflow that allows IT security and compliance professionals to:
- Define policies that describe how an organization will provide security and integrity.
- Provide proof that the policies have been operationalized.
- Give documented evidence that the organization has discovered and fixed any policy compliance lapses.
QualysGuard PC extends the global scanning capabilities of QualysGuard Vulnerability Management to collect OS Configuration and Application Access controls from hosts and other assets within the enterprise, and maps this information to user-defined policies in order to accurately document compliance with security regulations and business mandates.