Qualys Joins Check Point's New OPSEC Security Assessment Initiative

Redwood City, Calif. — January 8, 2002 — Qualys™, Inc., the pioneer of Automated Vulnerability Assessment, today announced participation in the Check Point Software Technologies Ltd. (NASDAQ:CHKP) OPSEC™ (Open Platform for Security) Security Assessment Initiative. The newly announced initiative provides a method for certification of tools and services that help validate network security through vulnerability assessment and corrective action. For more information, visit: http://www.checkpoint.com/press/2002/securityassessment010802.html.

quot;We are pleased to have Qualys join the OPSEC Alliance Security Assessment Initiative,quot; said Upesh Patel, manager of the OPSEC Alliance for Check Point Software Technologies. quot;We look forward to the integration of QualysGuard and Check Point VPN-1/FireWall-1 to provide customers with a proactive and automated network vulnerability assessment.quot;

A network’s vulnerability exposure is directly related to its security policy. QualysGuard will leverage the OPSEC interfaces with a feature that monitors security policy changes, test the vulnerability exposure of a policy and to provide assessment data directly into the Check Point log repository, creating a fully integrated, proactive verification tool for Check Point customers to establish confidence that their policy changes will not cause network vulnerabilities. This feature will be included with the QualysGuard service beginning in March, 2002.

quot;We are pleased to join the new OPSEC Security Assessment Initiative,quot; said Amer Deeba, Vice President of Marketing at Qualys. quot;Our partnership with Check Point will allow us to deliver QualysGuard to a growing number of companies who understand the value of frequent vulnerability assessment with their security infrastructure, as validation that corporate security policies are being followed and are completely effective.quot;

Delivered over the Internet, the QualysGuardTM service uses advanced vulnerability detection techniques to assess a network’s security exposures and suggest remedies before intruders can take advantage of them. The online delivery solution removes the need for specialized customer-premise software and ensures that users are able to detect the latest network vulnerabilities as they emerge. The web-based QualysGuard service detects and evaluates vulnerabilities on over three hundred applications on twenty operating systems, delivers suggestions for corrective action and provides concise summaries of every security risk found in user-friendly reports.

Check Point’s OPSEC program provides a rigorous certification process ensuring the interoperability of industry-leading security assessment tools and services with Check Point’s SVN architecture. Certified products will leverage the OPSEC framework to inform and alert administrators of potential vulnerabilities in their network.

About Qualys

With more than 2,000 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to strengthen the security of their networks effectively, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys’ on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organisations. Hundreds of large companies have deployed Qualys on a global scale, including AXA, DuPont, Hershey Foods, ICI Ltd, Novartis, Sodexho, Standard Chartered Bank and many others. Qualys is headquartered in Redwood City, California, with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit www.qualys.com.

About Check Point’s OPSEC

OPSEC (Open Platform for Security) is the industry’s open, multi-vendor security framework. With over 300 partners, OPSEC guarantees customers the broadest choice of best-of-breed integrated applications and deployment platforms that support Check Point’s Secure Virtual Network Architecture. Products that carry the OPSEC Certified seal have been tested to guarantee integration and interoperability. For complete OPSEC alliance program information, including partner and product listings, the freely available OPSEC SDK (software development kit) and evaluation versions of OPSEC Certified products, visit http://www.opsec.com.

The OPSEC monitoring feature will be offered with QualysGuard service in March, 2002. For more information about QualysGuard pilot programs, call 800.745.4355.

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Tami Casey
Qualys
media@qualys.com