The QualysGuard Cloud Platform
A Unified View of Your Security and Compliance
The QualysGuard Cloud Platform and integrated suite of solutions enable organizations to simplify the process and reduce the cost of securing their IT assets and achieving compliance with internal policies and external regulations.
Qualys’ solutions help organizations with globally distributed data centers and IT infrastructures to identify their IT assets, collect and analyze large amounts of IT security data, discover and prioritize vulnerabilities, recommend remediation actions and verify the implementation of such actions.
By deploying our solutions, organizations can gain actionable security intelligence into potential vulnerabilities and malware in their IT infrastructure and enable their compliance with internal policies and external regulations.
The QualysGuard suite of solutions are used today by more than 6,000 organizations in over 100 countries, including a majority of the Forbes Global 100, and perform more than 800 million IP audits per year.
Delivered as a multi-tenant cloud platform, the QualysGuard integrated suite of solutions incorporates Qualys’ industry leading vulnerability management service, with a robust IT compliance solution, comprehensive web application scanning and malware detection services; and coming soon a web application firewall (WAF) for automated protection of web sites.
The QualysGuard Cloud Platform
The QualysGuard Cloud Platform consists of a suite of IT security and compliance solutions that leverage shared and extensible core services and a highly scalable multi-tenant cloud infrastructure.
Our infrastructure layer, which we refer to as our Infrastructure, includes the data, data processing capabilities, software and hardware infrastructure and infrastructure management capabilities that provide the foundation for our cloud platform and allow us to automatically scale our Infrastructure and Core Services to scan millions of IPs.
Scalable Capacity. We have designed a modular and scalable infrastructure that leverages virtualization and cloud technologies. This allows our operations team to dynamically allocate additional capacity on-demand across our entire QualysGuard Cloud Platform to address the growth and scalability of our solutions.
Big Data Indexing and Storage. Built on top of our secure data storage model, this engine indexes petabytes of data and uses this information in real-time to execute tags or rules to dynamically update IT assets’ properties, which are used in various workflows for scanning, reporting and remediation.
QualysGuard KnowledgeBase. QualysGuard relies on our comprehensive repository, which we refer to as our KnowledgeBase, of known vulnerabilities and compliance controls for a wide range of devices, technologies and applications that powers our security and compliance scanning technology. We update our KnowledgeBase daily with signatures for new vulnerabilities, control checks, validated fixes and improvements.
Managed Scanner Appliances. As part of our cloud platform, we host and operate a large number of globally distributed physical scanner appliances that our customers use to scan their externally facing systems and web applications. To scan internal IT assets, customers can also deploy our scanners, which are available on a subscription basis as physical appliances or downloadable virtual images, within their internal networks. Our scanner appliances self-update daily in a transparent manner using our automated and proprietary scan management technology. These scanner appliances allow us to scale our cloud platform to scan networked devices and web applications across organizations’ networks around the world.
Our Core Services enable integrated workflows, management and real-time analysis and reporting across all of our IT security and compliance solutions.
Asset Tagging and Management. Enables customers to easily identify, categorize and manage large numbers of assets in highly dynamic IT environments and automates the process of inventory management and hierarchical organization of IT assets.
Reporting and Dashboards. A highly configurable reporting engine that provides customers with reports and dashboards based on their roles and access privileges.
Questionnaires and Collaboration. A configurable workflow engine that enables customers to easily build questionnaires and capture existing business processes and workflows to evaluate controls and gather evidence to validate and document compliance.
Remediation and Workflow. An integrated workflow engine that allows customers to automatically generate helpdesk tickets for remediation and to manage compliance exceptions based on customer-defined policies, enabling subsequent review, commentary, tracking and escalation. This engine automatically distributes remediation tasks to IT administrators upon scan completion, tracks remediation progress and closes open tickets once patches are applied and remediation is verified in subsequent scans.
Big Data Correlation and Analytics Engine. Provides capabilities for indexing, searching and correlating large amounts of security and compliance data with other security incidents and third-party security intelligence data. Embedded workflows enable customers to quickly assess risk and access information for remediation, incident analysis and forensic investigations.
Alerts and Notifications. Creates email notifications to alert customers of new vulnerabilities, malware infections, scan completion, open trouble tickets and system updates.
The QualysGuard Security and Compliance Suite - built on Qualys' cloud platform - incorporates the following solutions, all of which are delivered as a service; there is no new software to deploy or infrastructure to maintain. Users can subscribe to one or more of solutions based on their initial needs and expand their subscriptions over time to new areas within their organization or to additional QualysGuard solutions.
QualysGuard VM is an industry leading and award-winning solution that automates network auditing and vulnerability management across an organization, including network discovery and mapping, asset management, vulnerability reporting, and remediation tracking. Driven by our comprehensive KnowledgeBase of known vulnerabilities, QualysGuard VM enables cost-effective protection against vulnerabilities without substantial resource deployment.
QualysGuard PC allows customers to analyze and collect configuration and access control information from their networked devices and web applications and automatically maps this information to internal policies and external regulations in order to document compliance. QualysGuard PC is fully automated and helps reduce customers’ cost of compliance without requiring the use of software agents.
QualysGuard PCI provides organizations that store cardholder data a cost-effective and highly automated solution to verify and document compliance with PCI DSS. QualysGuard PCI allows merchants to complete the annual PCI Self-Assessment Questionnaire, or SAQ, to perform vulnerability scanning for quarterly PCI audits and to meet the demands of PCI for web application security.
QualysGuard WAS uses the scalability of our cloud platform to allow customers to discover, catalog and scan a large number of web applications. QualysGuard WAS scans and analyzes custom web applications and identifies vulnerabilities that threaten underlying databases or bypass access controls. These web applications are often the main attack vectors for cyber attackers.
QualysGuard MDS provides organizations with the ability to scan, identify and remove malware infections from their websites. QualysGuard MDS utilizes behavioral and static analysis to provide malware detection to organizations. It provides periodic scanning to monitor web sites and delivers email alerts to notify customers of infections.
QualysGuard Web Application Firewall (in beta)
QualysGuard WAF currently in beta testing, delivers enterprise-grade web application security without the costs, footprint, and complexity associated with appliance-based web application firewall solutions. It is designed to protect web applications from attack vectors by enhancing default web application configurations and virtual patching. QualysGuard WAF can improve website performance by reducing page load times and optimizing bandwidth.
QualysGuard SECURE Seal helps organizations demonstrate to their online customers that they maintain a proactive security program. This solution includes scanning for the presence of malware, network and web application vulnerabilities and for SSL certificate validation. Websites that regularly perform these security scans with no critical security issues detected can display a QualysGuard SECURE Seal on their website to demonstrate to visitors that they are proactively securing their websites.
