New QualysGuard Consultant Edition Featuring Virtual Scanners Brings the Power of the Cloud to Consulting Organisations

Black Hat, Las Vegas - August 3, 2011 - Qualys®, Inc., the leading provider of Software-as-a-Service (SaaS) IT security risk and compliance management solutions, today announced a new edition of the QualysGuard Consultant service, featuring virtualised scanner appliances (vScanners) and a report customisation module. The new edition brings the power of the SaaS model to consultants, delivering accurate network auditing, comprehensive vulnerability assessments, policy compliance and web application scanning, reducing time on-site for consultants and providing data-rich, customisable reports – all at a lower cost. Qualys will showcase this solution at Black Hat USA 2011, booth #206.

“The QualysGuard Consultant Edition makes it easy for us to provide Qualys’ market-leading services to clients,” said Alan J. White, director of security and risk consulting, North America, for Dell SecureWorks. “The new vScanner can be easily setup on a laptop or on our client’s premises ahead of time, so we can focus our efforts with clients on their security assessment needs. The Consultant Edition also provides reports which help us quickly categorise and identify vulnerabilities so that we may customise our security solutions to their specific requirements.”

“Releasing a special consultant edition provides consultants with a more portable and engagement-oriented edition of Qualys’ products,” said Andrew Hay, senior security analyst for The451 Group. “The addition of virtualised scanner appliances to Qualys’ portfolio means that its customers will no longer be required to transport physical appliances to client sites - something that will likely reduce deployment times in addition to facilitating more affordable engagements. The new templates and frameworks for consultants may also reduce the time and tediousness normally required to create customised reports for clients.”

QualysGuard Consultant Edition provides:

• Ease of deployment and use. Consultants can quickly and easily set up vScanners, on their laptops or at client sites to initiate engagements and perform security assessments. Consultants can also manage multiple vScanners for clients from their QualysGuard accounts, reducing time on site.

• Scalability and Accuracy. Leveraging the scalability of SaaS model, QualysGuard brings together, in a single platform, data of internal and perimeter networks as well as for infrastructure hosted in private and public clouds, such as Amazon EC2. Performing more than 500 million IP scan per year, QualysGuard has a reported six sigma accuracy rate of less than 3.4 errors per million scans.*

• Comprehensive security and compliance auditing. QualysGuard Consultant Edition simplifies the process of auditing network devices, databases and web applications by bringing together the capabilities of asset discovery, vulnerability management, web application scanning, policy compliance and PCI compliance – within one solution. A robust suite of third party integrations helps customers prioritise remediation activities by correlating discovered vulnerabilities with multiple exploit databases (like Core IMPACT and Immunity DSquare), TrendMicro Malware Encyclopedia, as well as virtual patching solutions. It empowers consultants to provide additional services like penetration testing by using QualysGuard scan data with popular frameworks like MetaSploit and Immunity CANVAS. Custom controls for policy compliance. Flexibility in creating custom controls and policies automates the validation of systems, databases, and network devices for regulatory gap analysis and readiness services for compliance with industry regulations such as HIPAA and ISO 27002. QualysGuard Consultant Edition’s robust suite of third party integrations with GRC solutions (including Archer, Modulo and Rsam) helps prioritisation of remediation activities for customers. This empowers consultants to provide additional risk and consulting services, including fully integrated GRC services.

• Highly scalable and customisable reporting engine in the cloud. The powerful reporting engine and a comprehensive library of templates allow consultants to quickly and easily create a wide variety of dynamic reports. Specialised operational reports, such as the Qualys patch report, dramatically simplify remediation efforts. Granular customisation controls provide the ability to create and manage multiple client reports from a single interface. Qualys’ SaaS reporting leverages the power of the cloud for detailed analysis of data for clients with few devices to a few million devices.

“Consultants demand more effective solutions at a lower cost to audit their clients’ networks and provide reports that can be tailored to their compliance needs,” said Philippe Courtot, chairman and CEO for Qualys. “The new QualysGuard Consultant Edition leverages our SaaS model along with virtualisation to provide consultants with a powerful, comprehensive solution for IT security and compliance auditing with high degree of accuracy and efficiency at a much lower cost.”

Pricing and Availability

QualysGuard Consultant Edition is offered as an annual subscription starting at $2,495 per year, which includes one vScanner and 250 scans. Additional scans and vScanners can be purchased as needed. The QualysGuard vScanner is now available in beta as part of the QualysGuard Consultant Edition.

For more information and to register for the beta, visit https://www.qualys.com/partners/qgcon/

*false negatives, false positives and server and service crashes reported in QualysGuard scans.

About Qualys

Qualys, Inc. is the leading provider of Software-as-a-Service (SaaS) IT security risk and compliance management solutions. Qualys solutions are deployed in a matter of hours anywhere in the world, providing customers an immediate and continuous view of their security and compliance postures.

The QualysGuard® service is used today by more than 5,000 organizations in 85 countries, including 45 of the Fortune 100, and performs more than 500 million IP audits per year. Qualys has the largest vulnerability management deployment in the world at a leading global company, and has been recognized by leading industry analysts for its market leadership. Qualys was recently named Best Security Company in the Excellence Awards category of the 2011 SC Awards U.S.

Qualys has established strategic agreements with leading managed service providers and consulting organizations including BT, Etisalat, Fujitsu, IBM, I(TS)2, LAC, NTT, SecureWorks, Symantec, Tata Communications and TELUS. Qualys is a founding member of the Cloud Security Alliance (CSA).

For more information, please visit www.qualys.com.

###

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

For media inquiries or to find the appropriate spokesperson
Contact: Kim Smith/Holly Forrest
éclat Marketing
+44 1276 486 000
qualys@eclat.co.uk

For all other matters
Contact: pr@qualys.com

Media Contact:
Tami Casey
Qualys
media@qualys.com