USA Media Coverage

Eschelbeck comments on the potency of phishing attacks

Eschelbeck says VoIP will see security problems similar to Windows, Unix

Gerhard Eschelbeck Offers Insight into Begining a Successful VoIP Rollout

Symantec joins forces with Qualys to provide enhanced security intelligence for customers.

CSO Interchange event in New York identifies regulatory compliance issues will also be a concern

More than 85 information security experts gather at Qualys-sponsored CSO Interchange

More than 85 CSOs exchanged ideas and concerns on security issues at CSO Interchange

Gerhard Eschelbeck Sits Down with SearchSecurity to Outline Top Security Challenges for 2005

Security officials at major banks discuss the challenges of securing their institutions at CSO Interchange

Gerhard Eschelbeck, CTO of Qualys, discusses the impact of Instant Messaging threats

According to Qualys CTO Gerhard Eschelbeck, more than one out of every two systems is vulnerable.

Privately held companies like Qualys may challenge legacy publicly held vendors.

Yankee Group expects more security features commoditize and move to the network to improve scalability and cut cost of ownership.

Solutions include ASP-based tools such as Qualys’ QualysGuard

Qualys sees need for following acceptable protocol when disclosing vulnerabilities

Eschelbeck questions purpose of partial disclosure

QualysGuard scans 15,000 devices on AXA’s IT network daily for potentially dangerous security vulnerabilities

Qualys announces an agentless scanner for Unix and a remediation workflow module for third-party helpdesk applications

QualysGuard selected as the Clear Choice winner

Qualys CEO Philippe Courtot Talks to Technopreneurs

Qualys estimates about 2,500 new vulnerabilities are appearing annually - sealing the weak points in your network is the best to defend yourself

Vulnerability scanners such as Qualys Inc.’s QualysGuard are effective at detecting vulnerable third-party applications deployed on active systems

eWEEK Labs uses commercial vulnerability scanning systems including Qualys Inc.’s QualysGuard

Qualys contributes to development of Top 20 list to help administrators prioritize fixes

Automated vulnerability assessments spawn growth industry

As the perimeter loses ground in the battle for secure networks, some security executives want to do away with perimeter security altogether -
but others aren’t so sure

Chemical company monitors the security of its hosting providers with Qualys’ automated scanning service

Qualys tops the list with the QualysGuard vulnerability management solution

At Geisinger Medical Center, Web-based services are revolutionizing the way care is delivered

Eschelbeck’s “vulnerability half-life” research shows the number of external systems with critical vulnerabilities decreases by 50 percent every 21 days

Qualys Subscription-Based Services Scan Corporate Networks For Potential Security Flaws

Gerhard Eschelbeck, CTO at Qualys, comments on why he thinks Oracle is doing the right thing by releasing a monthly patch.

It’s one thing to identify weaknesses in a customer’s network. It’s another to actually protect the network against potential attacks before it’s too late.

SLAs force service providers and outsourcers to hit the mark…or hit the road.

Qualys finds the pace of patching for network vulnerabilities is speeding up, but not as quickly as the production of worms to exploit them.

Companies are taking too long to patch critical internal vulnerabilities and are still struggling to protect systems against external attacks according to Qualys Inc. CTO Gerhard Eschelbeck addressing the Black Hat conference in Las Vegas.

Network security researcher Gerhard Eschelbeck reported Wednesday at the Black Hat Briefings in Las Vegas that two-and-a-half years’ worth of vulnerability-scan data shows significant improvement made since 2003 in protecting the perimeter of enterprise networks.

Driven by fast-appearing threats, network administrators are fixing the most prevalent flaws more quickly, according to a new survey from Qualys.

Organizations are becoming more adept at quickly patching their vulnerable internet-facing systems, according to Qualys CTO Gerhard Eschelbeck, but are much slower at patching behind-the-firewall systems.

Corporations are doing a better job of patching software flaws that put their networks at risk of hacker and worm attacks, but a lack of attention to programs running deep inside networks poses an ongoing risk, according to a study by vulnerability-management company Qualys Inc.

Gerhard Eschelbeck’s revised research takes a look at over 4 million critical vulnerabilities collected from a two-and-a-half-year period
– points to a significant drop in half-life of threats to enterprises’
perimeters.

This article examines what the reporter calls the Eschelbeck Theory, named after Gerhard Eschelbeck, a security researcher at Qualys.

Nearly 2,000 hackers of all stripes are expected at the 8th Annual Black Hat Briefings USA this week. Presentations beginning today will analyze vulnerabilities, zero-day code, phishing and secure wireless deployment. Gerhard Eschelbeck, CTO of Qualys, presenting “The Laws of Vulnerabilities for Internal Networks” based on research derived from real-world vulnerability data.

Companies are throwing up layers of protection as new worms and viruses appear at an ever-quickening pace.

Businesses are suffering more downtime as the threat from viruses and worms continues to grow. A well-rounded article on the latest from the information-security front.

Automated attacks against our networks are increasing in number and sophistication said Gerhard Eschelbeck, CTO of Qualys. He explains what makes systems and applications more vulnerable.

On-demand vulnerability management ensures corporate and regulatory compliance.

e-Bay CSO Howard Schmidt singled out phishing attacks as a growing menace to e-commerce at the Qualys-sponsored CSO Exchange attended by 85 CSOs.

Qualys, which sells a service that tests network vulnerabilities, is tinkering with ways to expand into regulatory work or even network repair.

Network World’s Editor in Chief, Jon Dix writes about Qualys’
business model and stresses the necessity of vulnerability management.

Gerhard Eschelbeck, CTO of Qualys, writes about the steps you need to take to identify and protect your network from the new generation of security threats.

Who’s responsible for the latest variant of the Sasser worm? Gerhard Eschelbeck, CTO of Qualys, comments on the complications that arise when source codes for worms are released.

Gerhard Eschelbeck, CTO of Qualys, and other security experts talk about the lingering threat of worms like Sasser.

Gerhard Eschelbeck, CTO of Qualys, is quoted in this article, which addresses the accelerating rate at which viruses attack and the narrowing timeframe companies have to remedy them.

Rob Vamosi focuses on what he calls the “Eschelbeck Theory”, named after Gerhard Eschelbeck, CTO of Qualys. Rob takes the research - based on the “Laws of Vulnerabilities” and puts it into practice with the latest developments of the current worm Sasser.

In this article, Gerhard Eschelbeck, CTO of Qualys, highlights the necessity of implementing automated defense strategies to thwart increasingly complex attacks.

In this article, ICI shares its best practice experience using QualysGuard.

Customers are getting wiser–and more demanding–with their dollars

Gerhard Escelbeck, CTO at Qualys, believes Microsoft is doing the right thing by releasing a single patch for all flaws that affect the same software components, rather than quickly releasing the fixes one at a time.

According to the Dynamic Best Practices in Vulnerability Management report, security managers need to incorporate four simple best practices when securing their networks from vulnerabilities.

Discover the pros and cons of network-based and host-based vulnerability assessment tools.

Enterprise security has finally become a boardroom agenda item.
Qualys customers discuss the business drivers, technology trends and budget realities of security management.

Qualys joins a who’s who list of security systems vendors that have announced the formation of the Cyber Security Industry Alliance to help coordinate information sharing with the Department of Homeland Security and promote security awareness and education.

Gerhard Eschelbeck, CTO of Qualys, is quoted throughout this article on the unpatched Windows RPC vulnerability. The article includes Gerhard’s Laws of Vulnerabilities research information and also mentions the Qualys RV10 list of the most prevalent vulnerabilities.

In this article about the difficulties of patching software flaws, Gerhard Eschelbeck of vulnerability management company Qualys is quoted on his Laws of Vulnerabilities research, saying that the cycle of fixing vulnerabilities is too long and leaves networks open to significant exposure.

Security is a hot topic in technology circles these days. For proof of that statement, one need look no further than the buzz surrounding this year’s RSA Conference in San Francisco, an annual gathering focused on information technology (IT) security. Companies such as Qualys Inc. and Tripwire Inc.
will use RSA to announce new versions of their products that work better with other security management technologies.

In this exclusive CIO Update interview, Gerhard Eschelbeck, CTO of security and vulnerability management vendor Qualys, discusses the growing need for device-level security in enterprises.

Gerhard Escelbeck, CTO at security service provider Qualys, said the way Microsoft had implemented the protection was flawed. “The protection mechanism shuts down the Wins service, in effect causing a denial of service, instead of restarting it.”

Gerhard Eschelbeck of security vulnerability scanning company Qualys, comments on latest threat, saying that embedded support for ZIPs in modern systems makes them a rich target for worms like Mydoom.

Qualys, identified the WINS denial-of-service vulnerability in October.

In this article, Gerhard Eschelbeck, CTO of Qualys, discusses the similarities between physical security and information security and how the two departments can work best together.

Dan Klinger, CISO at Hershey Foods Corp. in Hershey, Pa., uses a Web-based auditing tool from Qualys Inc., an MSSP in Redwood Shores, Calif., but no other services.