Cloud Platform
Contact us

Qualys TotalCloudTM with FlexScanTM

Unified Vulnerability, Threat and Posture Management

Managing cyber risks across cloud workloads, services, resources, users, and applications is a major challenge as business applications and on-premises infrastructure migrate to the cloud. Cloud applications are especially vulnerable to attacks due to siloed cloud-security tools that increase asset protection costs and complexity.


Deploying Qualys CDR for AWS and Azure with just a few clicks, in a matter of minutes, across multiple AWS and Azure subscriptions, was a game changer for our security team. We have a complex environment with many controls, and Blue Hexagon team worked with us on integration with existing solutions including Secure Web Gateways and integrated SIEM. With their engineering team, together made sure all the security finds were tightly integrated with our SIEM platform. I have rarely seen this level of competency and engagement effort from a vendor.

Maryann Horst Mark Wootton Head of Threat and Vulnerability Management, Centrica
Norton Lifelock

Our previous CSPM tool required hours of intensive management and maintenance, and even with that significant investment of time and effort, we still often encountered technical issues; Qualys CloudView just runs and runs—we hardly ever need to touch it. We're saving one full-time employee equivalent per year by replacing manual processes with an automated workflow. As a result, we can redeploy our resources to value-added security activities, which helps us better protect the business and our customers.

Maryann Horst Maryann Horst Sr. Principal Vulnerability Management, Global Cyber Security at NLOK

Qualys is enhancing its widely used platform to deliver visibility, context, speed, automation, and orchestration in a comprehensive solution to help organizations scale their security and compliance programs for modern software development. Qualys TotalCloud incorporates security into development workflows, enabling them to release secure, reliable code, while giving security teams the control and visibility they need to manage risk by reducing their attack exposure and rapidly responding to threats.

Melinda Marks Senior Analyst at ESG

Qualys TotalCloud with FlexScan

A comprehensive cloud-native assessment solution that allows organizations to combine multiple cloud scanning options for the most accurate security assessment of their cloud environment.

Unifying Cloud-native Security Management and Remediation

A structured approach to identify, assess, and address security risks in your cloud infrastructure - Discover, Assess, Prioritize, Defend and Remediate.

Qualys TotalCloud with TrueRisk

Complete visibility and insights into cyber risk exposure across multi-cloud

Continuously discover and monitor all your workloads across a multi-cloud environment for 360-degree view of your cloud-footprint. Identify known and previously unknown internet-facing assets for 100% visibility and tracking of risks.

Comprehensive cloud-native assessment with Qualys FlexScan

Security teams get multiple hybrid assessment capabilities to secure the entire cloud attack surface, including:

  • Zero-touch, agentless, cloud service provider API-based scanning for fast analysis.
  • Virtual appliance-based scanning to assess unknown workloads over the network for open ports and remotely- exploitable vulnerability detection.
  • Snapshot assessment that mounts a workload’s snapshot for periodic offline scanning including vulnerability and open-source scanning (OSS).
  • Qualys Cloud Agents in the workload for comprehensive, real-time vulnerability, configuration, and security assessment.

Unified security view to prioritize cloud risk with Qualys TruRiskTM

The console shows a unified view of cloud security insights across workloads, services and resources. Qualys TruRisk quantifies security risk by workload criticality and vulnerability detections, correlated with ransomware, malware and exploitation threat intelligence, to prioritize, trace and reduce risk.

Fast remediation with no-code, drag-and-drop workflows

The integration of QFlow technology into Qualys TotalCloud saves security and DevOps teams valuable time and resources. Automation and no-code, drag-and-drop workflows help simplify the time-consuming operational tasks of assessing vulnerabilities on ephemeral cloud assets, alerting on high-profile threats, remediating misconfigurations, and quarantining high-risk assets.

Shift-left security to catch issues early

Qualys TotalCloud provides shift-left security integrated into developers’ existing CI/CD tools to continuously assess cloud workloads, containers, and IaC artifacts. The result is rapid identification of security exposures and remediation steps during the development, build and pre-deployment stages while providing support for the major cloud providers including AWS, Azure and GCP.

Real-time protection against evolving and unknown threats with Qualys InstaProtectTM

Qualys Cloud Detection and Response (CDR) allows users to monitor their cloud assets continuously while workloads execute to ensure that they are protected against threats and attacks at runtime. CDR keeps your cloud runtime safe by detecting known and unknown threats across the entire kill chain in near real-time across cloud environments.

A single solution for simplifying multi-cloud security visibility, assessment, and remediation

With Qualys TotalCloud, cloud security is radically simplified by combining cloud-native application protection (CNAPP) with cloud workload protection (CWPP) using Qualys VMDR and Qualys cloud platform's natively integrated applications and services. This cloud-native security solution provides multi-cloud posture visibility and prioritizes cloud misconfigurations, vulnerabilities, assets, and groups of assets using risk-based analysis. Your cloud inventory and asset relationships are continuously updated and historical, giving you visibility and control over ephemeral resources. By integrating Qualys TotalCloud with ITSM solutions such as ServiceNow, your organization can achieve rapid remediation of misconfigurations and vulnerabilities.

Secure Your Shift-left Journey

With cloud-native workload security, Qualys TotalCloud protects your code pipeline from start to finish, from build to runtime. Developer teams and DevSecOps can proactively detect insecure configurations and software vulnerabilities by integrating CI/CD tools and workflows into their development processes with TotalCloud. As a result, developers can prioritize and fix security exposures before moving applications to production.

Qualys TotalCloud Key Features

Qualys FlexScan enables zero-touch, flexible, multi-cloud assessment, including cloud provider APIs, agent-based, snapshot-based, and network-based scanning for rapid cloud inventory and assessment. FlexScan automates the configuration and auto-deployment of agents and scanners to simplify assessments.

Qualys TotalCloud's unified dashboard and TruRisk capability provides continuous insights to understand and monitor your multi-cloud security risk posture. Identifies the highest risk assets, vulnerabilities, misconfigurations.

Qualys TotalCloud's unified console allows you to manage your cloud-native risk by visualizing asset inventory, relationships, and resources across multiple dimensions, including instances, services, accounts, security groups, and network interfaces.

Integration with Qualys VMDR, delivering Six Sigma vulnerability detection accuracy, and the Qualys Cloud Platform applications and services provide security teams with a comprehensive set of capabilities to secure their multi-cloud workloads – from development to deployment and beyond.

Use Case: Vulnerability Management

Multi-Cloud Posture Dashboard
Gain continuous insights into your cloud security posture through a single integrated view of the highest risk assets, misconfigurations
Zero-Touch Assessment
Zero-touch integrated assessment: API, agent, snapshot-based and network-based scanning for rapid cloud inventory and assessment
Unified Cloud Security Management Console*
Visualize and manage all cloud-native assets and relationships through a single view and integrated with the Qualys Cloud Platform applications and services to identify and remediate the most urgent risks.
Automated Remediation Workflows
Automate cloud security workflows and response with QFlow low-code/no-code tools and automation engine.
Qualys TruRisk-Based Prioritization
The Qualys TruRisk score combines real-time intelligence of malware, historical vulnerability data, threats, and asset criticality to identify the true risk to an organization to prioritize the most critical actions.
REST APIs and Integrations
Complete features are available as REST APIs. These are clearly documented with examples and easy test options in Swagger, enabling DevOps teams to integrate security across their CI/CD toolchain

Use Case: Cloud Security Posture Management

Continuous Security Checks
Provides continuous asset detection and analysis, continuous monitoring, and identification of cloud misconfigurations and unused resources

Continuously detect, monitor, and assess your cloud assets, PaaS/IaaS resources, and Kubernetes for misconfigurations and non-standard deployments.
Security Benchmark Coverage
Complete coverage of CIS foundation benchmarks, cloud service provider benchmarks, and Qualys best practices, including Kubernetes.
Integration with the CI/CD Toolchain

Seamless integration with the CI/CD toolchains such as Jenkis, Azure DevOps and others, providing DevOps teams with real-time assessments.

Infrastructure as Code Assessment

Infrastructure as Code templates offer early visibility to misconfigurations in your cloud deployments with support for Terraform, AWS CloudFormation, and Azure ARM, as well as all three major public cloud providers, AWS, Azure, and GCP.

One-Click Remediation

Supports over 50 high visibility controls for One-Click Remediation.

Use Case: Cloud Workload Protection Platform

Vulnerability Management
Continuously detect software vulnerabilities with the most comprehensive signature database across the widest range of asset categories. Qualys is the market leader in VM.

Scan container images and running containers in your environment for high-severity vulnerabilities, unapproved images, and over-privileged entitlements.
Threat Protection
Pinpoint your most critical threats and prioritize patching. Using real-time threat intelligence and machine learning, take control of evolving threats, and identify what to remediate first
Detect and Block Drifting Runtimes
Complete understanding of the anomaly via a granular classification of rogue vulnerabilities and software packages
Integration with the CI/CD toolchain
Seamless integration with the CI/CD toolchains such as Jenkins, Azure DevOps, and others, providing DevOps teams with real-time assessments.
Security for the Entire DevOps Pipeline
Configure policies for preventing vulnerable images from entering the repositories.
Container Runtime Security
Secure, protect and monitor running containers, including Docker Engine, CRI-O, contained, and Container-As-A-Service environments with granular behavioral policy enforcement and Container as a Service environments with granular behavioral policy enforcement.
Discover and Inventory Container Assets
Provides centralized, continuous discovery and tracking for containers and images with comprehensive metadata for every container, including environments, deployment, services, users, networks, exposed ports, privileged status, etc.
Kubernetes Support
Supports both private upstream Kubernetes and certified Kubernetes distributions.
Container-Native Vulnerability Analysis
Qualys provides a self-updating, container-native sensor
Monitor and Block Behaviors
Govern runtime behavior, including file access, network communications, and process activity. Dynamically update the policies on running containers without restart
Patch Detection
Automatically correlate vulnerabilities and patches for specific hosts and decreasing your remediation response time. Search for CVEs and identify the latest superseding patches
Software Composition Analysis
Detect vulnerabilities in open-source software packages.
Comprehensive Container Framework Support
Qualys Container Security supports major container frameworks, Kubernetes, OpenShift, AKS, EKS, GKE, ECS, Mesos DC/OS, Docker Swarm, and multiple container runtimes (Docker, containerd, CRI-O).
Benchmark Coverage
Complete coverage of CIS foundation benchmarks for Docker

Use Case: Cloud Detection and Response

Detect Suspicious Communication
Visibility into assets that are communicating actively with external resources – inspect network traffic
Detect Active Threats
Detect runtime threats across kill chain detect threats: reconnaissance, command and control, installation, lateral movement, and action on objectives
Detect Unknown Threats
Leverage deep learning artificial intelligence to novel malware that is not part of traditional signature databases
Integrate with Cloud Controls
Integration with cloud native security controls – integrate with security hub and azure sentinel

Harden and defend your cloud. Sign up for Qualys TotalCloud.

Start your free trial today. No software to download or install. Email us to request a quote or call us at 1 (800) 745-4355.

Powered by Qualys Cloud Platform

Single-pane-of-glass UI

See the results in one place, in seconds. With AssetView, security and compliance pros and managers get a complete and continuously updated view of all IT assets — from a single dashboard interface. Its fully customizable and lets you see the big picture, drill down into details, and generate reports for teammates and auditors. Its intuitive and easy-to-build dynamic dashboards to aggregate and correlate all of your IT security and compliance data in one place from all the various Qualys Cloud Apps. With its powerful elastic search clusters, you can now search for any asset – on-premises, endpoints and all clouds – with 2-second visibility.

Centralized & customized

Centralize discovery of host assets for multiple types of assessments. Organize host asset groups to match the structure of your business. Keep security data private with our end-to-end encryption and strong access controls. You can centrally manage users’ access to their Qualys accounts through your enterprise’s single sign-on (SSO). Qualys supports SAML 2.0-based identity service providers.

Easy deployment

Deploy from a public or private cloud — fully managed by Qualys. With Qualys, there are no servers to provision, software to install, or databases to maintain. You always have the latest Qualys features available through your browser, without setting up special client software or VPN connections.

Scalable and extensible

Scale up globally, on demand. Integrate with other systems via extensible XML-based APIs. You can use Qualys with a broad range of security and compliance systems, such as GRC, ticketing systems, SIEM, ERM, and IDS.