QualysGuard is the most widely-deployed information security and compliance cloud solution in the world with over 6,700 customers including a majority of the Forbes Global 100 and a majority of the Fortune 100.
Ranked worldwide market leader in device vulnerability assessment by IDC for three consecutive years.
The QualysGuard Cloud Platform and suite of applications is the easiest-to-deploy, most accurate, comprehensive and affordable way to reduce information security risks and meet compliance requirements.
QualysGuard performs over 1 billion IP scans/audits annually generating over 400 billion security events per year.
Qualys, Inc. is the pioneer and leading provider of information security and compliance cloud solutions with 6,700+ customers in over 100 countries, including a majority of the Forbes Global 100.
The QualysGuard ®Cloud Platform and integrated suite of applications help businesses simplify security operations and lower the cost of compliance. Unlike traditional enterprise software solutions, QualysGuard delivers critical security intelligence on demand and automates the full spectrum of auditing, compliance and protection for IT systems and web applications.
Businesses and government agencies are more distributed today than ever before, and those multiple networks and geographic locations pose a particular challenge in scaling their security and compliance operations to keep ahead of the latest emerging threats. As a result, organizations are constantly facing too many vulnerabilities affecting too many applications — often without adequate resources to mitigate the security holes through timely patching. Traditional in-house enterprise security models are too slow, costly, and cumbersome to deal with this reality.
The QualysGuard cloud delivery model enables organizations to ensure their IT systems and web applications remain secure and in compliance with data protection mandates at all times for a fraction of the cost of traditional solutions. All of Qualys’ on-demand solutions can be deployed in hours anywhere around the globe, providing customers with a view of their security and compliance posture immediately. This comprehensive security intelligence has made QualysGuard the most widely deployed on-demand security solution in the world, performing more than 1 billion IP audits per year.
Qualys Overview: Security & Compliance in the Cloud Age
Pioneering SaaS Security
Qualys was founded in 1999 at the height of the technology bubble, when Internet security was just beginning to appear on executive agendas. The company launched QualysGuard in December 2000, making Qualys one of the first entrants in the vulnerability management market. QualysGuard’s market entry was marked by a powerful combination of highly accurate and easy-to-use scanning technology that pioneered the revolutionary new approach to delivering security applications through the web that would become known as “Software-as-a-Service,” or SaaS.
Qualys’ customers were clearly impressed by the power and flexibility of the SaaS model: lower total cost of ownership, high scalability, centralized management from any Web browser, and continuous access to new and upgraded applications.
In 2005, Qualys extended its QualysGuard product line to help those customers better manage burgeoning IT compliance requirements, which are inextricably intertwined with vulnerability management—including what has now become the Payment Card Industry Data Security Standard (PCI DSS).
Qualys’ move into IT compliance management has particularly benefited the company’s client base in such heavily regulated
industries as financial services, retail, manufacturing, government and health care. In 2008, Qualys introduced QualysGuard Policy Compliance; which extended the platform’s global scanning capabilities to collect IT compliance data across the organization and map this information into policies to document compliance for auditing purposes.
Since that time, Qualys has continued to broaden the scope of its on-demand services to address new threat vectors, particularly web sites and web applications, with the releases of Qualys Guard Web Application Scanning (WAS), Qualys Guard Malware Detection, Qualys SECURE Seal and most recently with the introduction of the QualysGuard Web Application Firewall (WAF) for automated protection of web sites.
QualysGuard has received multiple awards and top ratings from leading industry analysts and technical publications.
2012 SC Magazine Europe Information Security Vendor of the Year
2013 SearchSecurity.com Gold Award for Application Security
SC Magazine Best Vulnerability Management Solution for 6 of the last 7 years
Best SME Solution of the Year for 2011 and 2012
Recognized as one of the fastest-growing software companies, Qualys attributes its phenomenal growth to its customers, who recognize the benefits of the cloud model and have enshrined it at the heart of their security and compliance efforts. That customer satisfaction is underpinned by Qualys’ deep commitment to research and development, with more than half of the company’s personnel dedicated to driving product innovation.
Qualys’ flagship product, QualysGuard Cloud Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance posture, while drastically reducing their total cost of ownership. The QualysGuard applications, including vulnerability management, policy compliance, web application scanning, malware detection and Qualys SECURE service for security testing of web sites, are used today by more than 6,700 organizations in over 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100, and perform more than 1 billion IP scans/audits per year.
To further build its reach, Qualys has also secured strategic agreements with managed services providers, including BT, Dell SecureWorks, Fujitsu, IBM NTT, Symantec, Verizon and Wipro. These relationships, coupled with the QualysGuard platform’s ability to seamlessly integrate with other critical security applications, have significantly increased adoption of Qualys’ cloud information security and compliance solutions.
The QualysGuard Security and Compliance Suite – built on Qualys’ cloud platform – incorporates the following applications, all of which are delivered as a service; there is no new software to deploy or infrastructure to maintain.
Discovers all devices and applications across the network, at the same time identifying and mitigating the vulnerabilities that make network attacks possible.
Delivers immediate alerts whenever threats or unexpected changes are found in an organization’s Internet perimeter – before they turn into breaches. Catches unexpected hosts, expiring SSL certificates, open ports, severe vulnerabilities, and undesired applications. Helps IT identify the highest-priority issues to enable fast and efficient mitigation and remediation.
Helps organizations pass security audits and document compliance tied to corporate security policies, laws, and industry regulations, supporting the requirements of both internal and external auditors.
Centralizes and automates the gathering of risk data and compliance evidence from employees, partners, vendors and other subject matter experts. It frees organizations from manual, labor-intensive approaches (such as email and spreadsheets) so that all phases of their assessment programs can be managed efficiently and reliably online.
Provides small and medium-sized businesses with enterprise-level scanning and reporting that’s easy to implement and maintain, and enabling large corporations to meet PCI compliance requirements for data protection on a global scale.
Provides automated crawling and testing for custom web applications to identify vulnerabilities including for cross-site scripting and SQL injection. The automated service enables regular testing that produces consistent results, reduces false positives, and easily scales to secure large numbers of Web sites.
Protects web sites against attacks on server vulnerabilities and web app defects. Brings Cloud scalability and simplicity that make it possible to strongly secure web apps against Cross-Site Scripting (XSS), SQL injection, corrupted requests and other attacks in less than 30 minutes. Complements QualysGuard WAS to make identifying and mitigating attacks seamless.
Is a free service that proactively scans web sites of any size, anywhere in the world, for malware infections and other threats, sending alerts to web site owners. The enterprise edition with advanced reporting and notification options enables businesses to scan and manage a large number of sites, preventing web site black listing and brand reputation damage.
Enables online businesses of all sizes to scan their web sites for the presence of malware, network and application vulnerabilities, as well as SSL certificate validation. Once a web site passes all four security scans, the service generates a Qualys SECURE seal for the merchant to display on their web site, demonstrating to visitors that the company is committed to security.