Cloud Platform
Contact us

Qualys Offers Free Ransomware Risk Assessment & Remediation Service

New service, leveraging analysis from Qualys researchers, delivers a ransomware focused, prescriptive plan with patch deployment to help organizations reduce risk

FOSTER CITY, Calif. October 5, 2021 - Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced the availability of its Ransomware Risk Assessment Service to provide companies with visibility into their ransomware exposure and automate the patching and configuration changes needed to reduce risk immediately. As part of Cybersecurity Awareness Month and to help organizations proactively combat ransomware, Qualys is making the solution available at no cost for 60 days.

Ransomware continues to escalate with the FBI reporting a 62% year-over-year increase for the period ending July 31, and President Biden convening with global leaders in an effort to protect economic and national security. Unpatched vulnerabilities, device misconfigurations, internet-facing assets and unauthorized software rank consistently among the top attack vectors. Authorities like CISA and NIST recommend that organizations strengthen their defense by proactively assessing ransomware risk including quickly patching associated vulnerabilities.

“While there is no silver bullet to prevent ransomware, companies can take charge with proactive measures including solid cybersecurity hygiene, patching for known ransomware vulnerabilities, changing configurations and adjusting security policies,” said Jim Reavis, co-founder and CEO of the Cloud Security Alliance. “Qualys Ransomware Risk Assessment puts cybersecurity teams in control by operationalizing government guidelines and providing a company-specific ransomware heatmap so they can eliminate an area of risk and shrink their attack surface.”

Qualys vulnerability and threat researchers analyzed ransomware attacks over the last five years to identify approximately 100 CVEs commonly used by ransomware threat actors. Researchers mapped CVEs to ransomware families like Locky, Ryuk/Conti and WannaCry along with specific misconfigurations that are typically leveraged by the threat actors.

Leveraging the research, Qualys developed the Ransomware Risk Assessment Service, powered by the VMDR platform, to help organizations proactively identify, prioritize, track and remediate assets that are vulnerable to ransomware attacks. Once identified, vulnerabilities are mapped to available patches that can be directly deployed from the service without requiring additional tools and VPNs reducing the company’s ransomware exposure.

Qualys Ransomware Risk Assessment Service leverages a single, dynamic dashboard to provide a clear comprehensive view of your ransomware risk exposure including:

Identification of Internet Facing Assets
The solution includes comprehensive asset discovery and a global asset software inventory that identifies and highlights internet-facing assets and unauthorized software to eliminate security blind spots.

Clear Insights into Ransomware Exposure
Expertly researched and curated ransomware-specific vulnerabilities and misconfigurations provide actionable insights so security teams can prioritize workflows and take immediate steps to reduce ransomware risk. Teams can also track remediation progress via live dashboards that provide clear metrics.

Integrated Patch Deployment
One-click and zero-touch workflows kickoff remote vulnerability patching regardless of the asset location. Since the solution is cloud-based, the need for on-premises patching tools that require VPNs is eliminated.

Qualys Ransomware Risk Assessment dashboard
Qualys Ransomware Risk Assessment dashboard

“Ransomware risk is top of mind for CISOs who are no longer satisfied with reactive tools and generic guidelines. They want actionable information to reduce risk proactively,” said Sumedh Thakar, president and CEO of Qualys. “The Qualys security team has extensively researched past ransomware attacks as well as CISA, MS-ISAC and NIST guidance and operationalized it into a prescriptive, actionable plan so companies can proactively remediate to stay ahead of ransomware attacks and reduce their overall risk.”

The Qualys Ransomware Risk Assessment Service is available immediately. If you would like to sign up for the 60-day no-cost service visit

To learn more, join Qualys on October 21, for our webinar, Combating Risk from Ransomware Attacks, or explore our research findings in the Combating Risk from Ransomware Attacks blog.

Additional Resources

About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions with over 19,000 active customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes, and substantial cost savings.

The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance, and protection for IT systems and web applications across on premises, endpoints, cloud, containers, and mobile environments. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading cloud providers like Amazon Web Services, Microsoft Azure and the Google Cloud Platform, and managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, DXC Technology, Fujitsu, HCL Technologies, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit

Qualys and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Jackie Dutton