Qualys Announces General Availability of Web Application Firewall (WAF)

SAN FRANCISCO, Calif. – RSA Conference USA 2014 Booth #2821, February 25, 2014 – Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud security and compliance solutions, today announced the general availability of its QualysGuard Web Application Firewall (WAF) service for web applications running in Amazon EC2 and on-premise. Deployed as a virtual image alongside web applications, the QualysGuard WAF can be set up and configured within minutes, enabling organisations to easily provide protection for their websites.

WAF technology shields websites by applying sets of rules to HTTP conversations to prevent them from being attacked, but the technology is typically costly and difficult to apply because the rules need to be updated often to cover application updates and to address changing threats. The QualysGuard WAF cloud service provides rapid deployment of robust security for web applications with minimal cost of ownership, and it is constantly updated with new rules to keep up with application updates and newly emerging threats.

“Companies today are challenged with protecting their websites against attacks and complying with the Payment Card Industry (PCI) standard for transactions on their sites. But many organisations, especially smaller businesses, do not have the expertise or resources to effectively deploy WAFs,” said Charles Kolodgy, Research VP at IDC. “By introducing a lower cost, easy-to-use and deploy WAF cloud solution, Qualys can aid organisations in improving protection of their websites and web applications.”

“Large organisations typically have thousands of web applications to protect, while smaller businesses don’t have the resources and IT staff to protect them,” said Philippe Courtot, chairman and CEO for Qualys. “The general availability our WAF service will offer customers the flexibility they need to protect their applications no matter where they reside and whether they have a few or thousands of them.”

QualysGuard WAF offers:

• Easy, simple set-up. QualysGuard WAF is deployed as a virtual image alongside web applications. It can be set up and configured in minutes, requiring no equipment or admin resources or dedicated security staff to get set up and running.
• Real-time application defense and hardening. QualysGuard WAF blocks attacks against websites in real time. The service provides a shield around coding defects, application framework flaws, web server bugs, and improper configurations.
• Seamless, automatic updates, increasing security over time. Running on the QualysGuard Cloud Platform, the WAF service is updated automatically with new defenses from the Qualys research team, and the defense is activated intelligently according to specified policies – all without disrupting the websites or site visitors.
• Centralised Cloud Management. Delivered via the QualysGuard Cloud Platform, WAF can be centrally managed from anywhere in the world via the QualysGuard console. It provides a clear dashboard showing timelines and geolocation graphs of events. The cloud platform also provides maximum efficiency by security events from all customers, with immediate rules deployment to all WAFs connected to it.

Availability
QualysGuard WAF is available for download as a VMware virtual image to protect web applications residing on premise within datacenters. Amazon Web Services (AWS) users can launch WAF appliances from an Amazon Machine Image (AMI) to gain real-time defense of their websites and applications running on Amazon EC2, protecting them against attack. QualysGuard WAF is sold as annual subscriptions starting $1,995 for small businesses and $7,995 for larger enterprises based on the number of web applications and virtual appliances. Visit https://www.qualys.com/waf for pricing and additional information.

About QualysGuard Cloud Platform
The QualysGuard Cloud Platform and its integrated suite of security and compliance solutions help provide organisations of all sizes with a global view of their security and compliance posture, while reducing their total cost of ownership. The QualysGuard Cloud Suite, which includes Vulnerability Management, Web Application Scanning, Malware Detection Service, Policy Compliance, PCI Compliance and Qualys SECURE Seal, enables customers to identify their IT assets, collect and analyse large amounts of IT security data, discover and prioritise vulnerabilities and malware, recommend remediation actions and verify the implementation of such actions.

About Qualys Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud security and compliance solutions with over 6,700 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The QualysGuard Cloud Platform and integrated suite of solutions help organisations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and Web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organisations, including Accuvant, BT, Dell SecureWorks, Fujitsu, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the CloudSecurityAlliance (CSA).

For more information, please visit www.qualys.com.

###

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Tami Casey
Qualys
media@qualys.com