TippingPoint and Qualys Partner to Tightly Integrate Intrusion Prevention with Vulnerability Management

Integration offers easy to use, automated and accurate “out-of-the-box” threat mitigation

AUSTIN, TX & Berkshire, UK - October 21, 2009 - TippingPoint and Qualys today announced a partnership that will give organisations the ability to more quickly defend their networks against the latest security attacks. As part of the agreement, the TippingPoint® Intrusion Prevention System (IPS) will be integrated with Qualys’ QualysGuard® Vulnerability Management (VM) solution, allowing organisations to simulate the results of IPS configuration changes against indentified vulnerabilities and make the needed changes. The resulting mitigation reports show IT administrators how to remediate these vulnerabilities, which gives them more time to test and deploy patches in a structured manner.

A recent report issued by the SANS Institute, TippingPoint and Qualys found that organisations are extraordinarily vulnerable to attacks at the application level – this includes attacks targeted at customised Web applications or from unpatched user-side applications like PDF readers. Attacks aimed at these applications are often very damaging and are also very quick to impact business operations, making it critical for organisations to be able to respond quickly to protect themselves.

“Not only are security attacks increasing in frequency, but they are coming at our networks from every conceivable angle and are potentially more dangerous if they are not caught. It is absolutely critical to be able to respond quickly to protect the network from these attacks,” said Walter Petruska, Information Security Officer at University of San Francisco. “The integration of Qualys and TippingPoint will give us the tools to react quickly to looming threats and ensure our networks are safe.”

Faster Response for Better Protection
QualysGuard Vulnerability Management actively monitors the network access points on an organisation’s networks to determine where it is vulnerable. The TippingPoint IPS provides active vulnerability protection through its Digital Vaccine® service. Customers of both TippingPoint and Qualys will – in a matter of seconds – get a combined view of their vulnerabilities mapped specifically to the Digital Vaccine filters that virtually patch these vulnerabilities, protecting them from being exploited by the latest viruses and worms.

Specifically, the integration, built using the QualysGuard API, will give customers the ability to:

  • Select the QualysGuard Asset Groups that are protected by TippingPoint IPS;
  • Generate a differential vulnerability report to demonstrate the benefit of the TippingPoint IPS by showing all the vulnerabilities of the targets and highlighting the vulnerabilities mitigated by the TippingPoint IPS.
  • Adjust the TippingPoint filter set for desired protection, thereby extending the time IT administrators have to test and deploy patches in a structured manner.

“Qualys is a leader in vulnerability management and has developed an extensive knowledge base of vulnerabilities,” said Alan Kessler, president of TippingPoint. “Mapping our Digital Vaccine filters to these known vulnerabilities provides our customers with an effective solution for improving security, achieving compliance with regulatory requirements and reducing total cost of operation. We are thrilled to be able to offer our customers the benefits of this integration.”

Compliance Drives Need to Operationalise Security
As security and industry regulations become more interconnected, it is becoming necessary to make key controls quantifiable to demonstrate compliance. The days of separate tool silos that provide a snapshot view of one aspect of security are gone. Combining vulnerability information with attack protection details provides organisations with documented, actionable data and processes that can be used for auditing and tracking to demonstrate compliance.

“More than ever, collaboration between security vendors is paramount to the tackle the threat landscape ahead of us as no one vendor can do it all,” said Philippe Courtot, chairman and CEO at Qualys. “We are delighted to partner with TippingPoint, a leading IPS vendor, to tightly couple vulnerability management with intrusion prevention thus bringing to market a joint solution that helps our customers become more effective in defending against cyber attacks and expedite their compliance initiatives at a cost they can afford.”

About Qualys

Qualys, Inc. is the leading provider of on demand ITsecurity risk and compliance management solutions – delivered as a service.Qualys’ Software-as-a-Service solutions are deployed in a matter of hoursanywhere in the world, providing customers an immediate and continuous view oftheir security and compliance postures.

The QualysGuard® service is used today by more than 3,500 organizations in 85countries, including 40 of the Fortune Global 100 and performs more than 200million IP audits per year. Qualys has the largest vulnerability managementdeployment in the world at a Fortune Global 50 company.

Qualys has established strategic agreements with leading managed serviceproviders and consulting organizations including BT, Etisalat, Fujitsu, IBM,I(TS)2, LAC, SecureWorks, Symantec, Tata Communications, TELUS and VeriSign.For more information, please visit www.qualys.com.

About TippingPoint and 3Com

TippingPoint is the enterprise security brand of 3Com Corporation, a $1.3 billion global enterprise networking solutions provider that sets a new price/performance standard for customers. 3Com has three global brands—H3C, 3Com, and TippingPoint—that offer high-performance networking and security solutions to enterprises large and small. The H3C® enterprise networking portfolio—a market leader in China—includes products that span from the data center to the edge of the network, while TippingPoint is a leading global provider of comprehensive network security solutions that address the security and regulatory compliance needs of complex network environments for enterprises, government agencies, service providers and academic institutions to deliver in-depth, no-compromise application, infrastructure and performance protection. For more information on TippingPoint, please visit www.tippingpoint.com, or the press center at www.tippingpoint.com/press.

###

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

For all other matters
Contact: pr@qualys.com

Media Contact:
Tami Casey
Qualys
media@qualys.com