USA Media Coverage

FREAK Out: Yet Another New SSL/TLS Bug Found

"It's a very interesting problem that shows how we mustn't be complacent about these older technologies, even though we think they are not going to be used," says SSL expert Ivan Ristic, who is director of engineering at Qualys. Read more

Mar 3, 2015

New FREAK Attack Threatens Many SSL Clients

For the nth time in the last couple of years, security experts are warning about a new Internet-scale vulnerability, this time in some popular SSL clients. Read more

Mar 3, 2015

Qualys Express Lite

Qualys Express Lite earns a five star rating from SC Magazine. Read more

Mar 2, 2015

BMC and Qualys Join Forces to Improve Enterprise Security

Software solutions provider BMC and Qualys, a provider of cloud security and compliance solutions, last week announced the launch of a new solution to tie vulnerability information to automated remediation actions, dramatically reducing the window of vulnerability while simultaneously improving IT operational performance. Read more

Mar 2, 2015

BMC & Qualys Joint Solution

Intelligent Compliance moves towards a concept of continuous audit. Instead of doing an audit every year or every quarter, Intelligent Compliance is auditing constantly, reporting vulnerabilities and security policy violations. Read more

Mar 1, 2015

Bridging the Gap Between Security and Operations Teams

Qualys' Jonathan Trull discusses how to bridge the divide between IT security and operations teams to improve security and compliance. Read more

Feb 26, 2015

BMC and Qualys Join Forces to Improve Enterprise Security

Integrated solution combines BMC BladeLogic and Qualys Vulnerability Management to quickly identify and remediate threats and boost collaboration between Security and IT Operations teams. Read more

Feb 26, 2015

Password security: Time for an upgrade?

Many organizations are exploring more secure ways to enforce authentication beyond usernames and passwords. Read more

Feb 20, 2015

The Huge Web Security Loophole That Most People Don't Know About, And How It's Being Fixed

Qualys' Ivan Ristic offers his thoughts on web security. Read more

Feb 19, 2015

Microsoft Addresses 41 IE Flaws in February Patch

This Month's security update also includes two additional "critical" remote code execution fixes for Windows. Read more

Feb 11, 2015

Microsoft Internet Explorer Update Repairs 41 Critical Vulnerabilities

At least one of the information disclosure vulnerabilities are being used by attackers in multistaged attacks, according to Wolfgang Kandek, CTO of vulnerability management vendor Qualys. Read more

Feb 11, 2015

Microsoft fixes IE memory problems

Microsoft has issued 41 patches to fix memory vulnerabilities in its browser; Windows and Office also got patches this month. Read more

Feb 11, 2015

Microsoft Pushes Patches for Dozens of Flaws

Microsoft today released nine update bundles to plug at least 55 distinct security vulnerabilities in its Windows operating system and other software. Read more

Feb 10, 2015

February 2015 Patch Tuesday: Group Policy flaw tops three critical fixes

Microsoft's February 2015 Patch Tuesday release offers three critical fixes, including one for a dangerous Group Policy vulnerability, but does not patch a recently revealed IE XSS zero-day flaw. Read more

Feb 10, 2015

Microsoft's Patch Tuesday release leaves one big vulnerability unpatched

This month's Patch Tuesday release includes three updates rated Critical, including a massive security update that fixes more than 40 flaws in Internet Explorer. Read more

Feb 10, 2015

Linux GHOST bug haunts large percentage of enterprise apps

Analysis shows 80% of business-critical apps may be affected. Read more

Feb 10, 2015

New products of the week 2.09.2015

Roundup of new products including Qualys Web Application Scanning. Read more

Feb 9, 2015

Tackling Enterprise Security Through a Continuous Approach

Qualys VP of Product Sumedh Thakar talks about how taking proactive, continuous approach to security is the best way to stay ahead of today's cyber threats. Read more

Feb 5, 2015

Halting Hackers

Sumedh Thakar, chief product officer at Qualys, says that bad actors have moved on from merely seeking some degree of fame. “They are now organized to attack companies and research laboratories for financial gain,” he says. Read more

Feb 5, 2015

Qualys Adds Progressive Scanning to Web App Security Testing Service

Cloud security and compliance solution specialist Qualys Inc. is adding progressive scanning capabilities to its Web Application Scanning (WAS) product. Read more

Feb 5, 2015

Scan Finds 'Ghost' Haunting Critical Business Applications

Wolfgang Kandek, CTO at Qualys, recently told Dark Reading that while exploitable prospects aren't necessarily easy to find, there were indeed likely others out there. Read more

Feb 5, 2015

Qualys Brings Industry¹s First Continuous Progressive Scanning Capabilities to Its Fast Growing Web Applications Scanning Solution

New Features Enable Deeper and Comprehensive Continuous Scanning of Large and Complex Web Applications. Read more

Feb 4, 2015

New tool to identify website vulnerabilities

But identifying these flaws manually can be a mammoth task. Which is why cloud security provider Qualys is announcing the latest version of its Web Application Scanning (WAS) tool. Read more

Feb 4, 2015

Qualys Adds Progressive Scanning Capabilities to Its WAS Solution

Cloud security and compliance solutions provider Qualys today announced a new version of its Web Application Scanning (WAS) solution. Read more

Feb 3, 2015

Ghost Linux vulnerability can be exploited through WordPress, other PHP apps

The buffer overflow vulnerability, dubbed Ghost, was reported Tuesday by researchers from security vendor Qualys. It is identified as CVE-2015-0235 in the Common Vulnerabilities and Exposures database. Read more

Jan 30, 2015

Linux systems hit by discovery of highly critical 'Ghost' flaw

Highly critical security vulnerability affects all Linux systems and dates all the way back to 2000. Read more

Jan 29, 2015

There's a GHOST in Linux's Library

A Qualys security research team found the GHOST flaw and worked closely with Linux distribution vendors in a coordinated effort to offer a patch for all distributions of Linux systems impacted. Read more

Jan 28, 2015

'GHOST' bug in Linux library enables remote takeover of victim's system

The best way to protect against GHOST is to apply patches from Linux distribution vendors, Sarwate said, explaining that Qualys coordinated the disclosure of the bug with the Linux distribution vendors so that patches are already available. Read more

Jan 28, 2015

How A Linux "Ghost" Spooked The Security World

A vulnerability in a widely used component of many Linux distributions could allow remote attackers to take control of a system. Researchers at Qualys have dubbed it Ghost since it can be triggered by the "gethost" functions in Linux. Read more

Jan 28, 2015

Serious 'GHOST' Flaw Puts Linux at Risk

Numerous versions of Linux are at risk from a "GHOST" vulnerability that an attacker could exploit - remotely or locally - to bypass credential checks and seize control of a system, warn researchers at cloud security and vulnerability scanning vendor Qualys. The flaw exists in the GNU C Library, a.k.a. "glibc." Read more

Jan 28, 2015

'Ghost' vulnerability poses high risk to Linux distributions

Flaw in the GNU C Library can be exploited remotely for full control and should be patched as soon as possible, according to Qualys. Read more

Jan 28, 2015

Newly Identified Linux Vulnerability Gives Full Access to Servers

Software security researchers recently identified a bug that provides hackers with an open door to the bulk of the world’s servers running Linux. Read more

Jan 28, 2015

New Linux Bug Could Cause "a Lot of Collateral Damage on the Internet"

Linux users around the world are scrambling to update their operating systems, as a new flaw known as GHOST has been shown to have the potential to cause "a lot of collateral damage on the Internet." Read more

Jan 28, 2015

Severe “Ghost” flaw leaves Linux systems vulnerable to takeover

Qualys researchers discovered the “Ghost” vulnerability – named for the fact that it can be triggered by “gethostbyname” DNS resolution functions – during a recent code audit. Read more

Jan 28, 2015

GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems

A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. Read more

Jan 27, 2015

Qualys finds GHOST: Critical Linux remote code execution flaw

A critical Linux vulnerability, called GHOST, has been found to affect glibc versions released since 2000, and could pose a remote exploit risk on many Linux systems. Read more

Jan 27, 2015

Critical 'Ghost' Vulnerability Impacts Linux Systems

Researchers at Qualys are advising organizations to apply a patch for a critical vulnerability affecting Linux systems as far back as 2000. Read more

Jan 27, 2015

Remotely exploitable ‘GHOST’ bug strikes all Linux distros

Researchers have discovered a serious vulnerability affecting multiple distributions of the Linux OS. While there are patches available the clean up effort is likely to going be a major task for Linux admins. Read more

Jan 27, 2015

Linux makers release patch to thwart new 'Ghost' cyber threat

Sarwate knows of no cases in which hackers exploited the Ghost vulnerability to date, but suspects that motivated hackers could figure out how now that the bug has been disclosed. Read more

Jan 27, 2015

Warning! Linux is being haunted by a G-G-G-GHOST vulnerability -- are you at risk?

Qualys explains that it is calling the vulnerability a "GHOST" because "it can be triggered by the GetHOST functions". In other words, Linux isn't as safe as we thought. Read more

Jan 27, 2015

High severity vulnerability found in Linux GNU C library

The Qualys security research team has found a critical vulnerability in the Linux GNU C Library (glibc), that allows attackers to remotely take control of an entire system without having any prior knowledge of system credentials. Read more

Jan 27, 2015

Highly critical “Ghost” allowing code execution affects most Linux systems

New bug haunting Linux could spark "a lot of collateral damage on the Internet." Read more

Jan 27, 2015

GHOST, a critical Linux security hole, is revealed

Researchers at cloud security company Qualys have discovered a major security hole, GHOST (CVE-2015-0235), in the Linux GNU C Library (glbibc). This vulnerability enables hackers to remotely take control of systems without even knowing any system IDs or passwords. Read more

Jan 27, 2015

Java Patch Plugs 19 Security Holes

Oracle this week released its quarterly patch update for Java, a widely-installed program that for most casual users has probably introduced more vulnerability than utility. Read more

Jan 21, 2015

Microsoft Patches Zero-Day Windows Flaws Disclosed by Google

Qualys' Kandek noted that the Telnet vulnerability shows that even old software can still harbor new bugs. Read more

Jan 13, 2015

Update: Microsoft's Patch Tuesday focuses on Windows

The lack of fixes for IE was "pretty surprising to us," said Wolfgang Kandek, chief technology officer of security vendor Qualys, noting the browser was patched every month in 2014. Read more

Jan 13, 2015

Light January 2015 Patch Tuesday delivers one critical Windows fix

Amol Sarwate and Wolfgang Kandek provide insight into January's Patch Tuesday Read more

Jan 13, 2015

Microsoft Ends Free Public Advance Security Notification Service

Wolfgang Kandek, Qualys CTO comments on the ANS program and believes there is value in that IT administrators can read about specifics, exploits and priorities. Read more

Jan 9, 2015

Microsoft Disabling SSL 3.0 in Azure Storage Next Month

Microsoft plans to disable Secure Sockets Layer (SSL) 3.0 encryption support in its Azure Storage service next month. Its advisory includes guidance for testing web servers using Qualys SSL Labs. Read more

Jan 9, 2015

Microsoft's Patch Tuesday preview will no longer be made public

CTO Wolfgang Kandek comments that the security industry should continue to move in the direction of more information and explanation to help organizations better working to quickly manage vulnerabilities. Read more

Jan 9, 2015

Advanced notice of Microsoft Patch Tuesday fixes is no longer free

Qualys CTO Wolfgang Kandek, who also closely follows the bulletins, was skeptical that demand for the advanced notices is waning. Read more

Jan 8, 2015

What CISOs, InfoSec Pros Have on Their 2015 Wish Lists

Security experts weigh in on what they would like to see in 2015 to make their jobs wrangling users, infrastructure, and data easier. Read more

Jan 6, 2015

Qualys Solutions
Qualys Community
Free Trial & Tools
Free Trial

Nothing to install or download!

1 (800) 745 4355