The QualysGuard Secure Operations Center (SOC) and Web service infrastructure are designed with multiple layers of data security to protect customers' vulnerability information. QualysGuard is designed to provide end-to-end security for sensitive vulnerability data, considering industry best practices at all layers of the application.
The QualysGuard data security architecture employs robust security measures throughout the web services infrastructure:
- The Secure Operations Center (SOC)
- Storage and Communication Security
- Intranet Scanner Appliance Security
QualysGuard's end-to-end data security architecture includes:
- Strongly encrypted vulnerability data: only the customer has a key to decrypt the data
- All communication over HTTPS (SSLv3)
- High-availability facility with tightly restricted access
- Appliance: hardened kernel, no listening services or open ports, SSL connection to the data center
- SAS-70 audited for data security
These security features are native to the QualysGuard Web service and cannot be readily replicated in software solutions.
