Cloud Platform

Qualys Introduces On-Demand Platform for Network Security Audits, Vulnerability Management and Remediation

Deloitte & Touche Uses Automated Service to Meet Growing Customer Demand for More Frequent Security Audits

RSA Conference — April 14, 2003 — Qualys™, Inc., the industry provider of on-demand security audit and vulnerability management solutions, today unveiled major enhancements to its QualysGuard On-Demand Network Security platform providing enterprises with security audits, vulnerability management and remediation workflow. The platform enables organizations to take control of their network security, adhere to security best practices, manage vulnerabilities and ensure remediation without incurring the burden and cost of deploying and maintaining complex software and hardware.

“In the wake of new federal regulations and growing security attacks, enterprises are recognizing that regular, independent security audits are an absolute requirement to ensure compliance and protect their networks. However, today’s methods of performing security audits manually or with traditional scanners, even on a quarterly basis, is a deployment and management challenge for large enterprises,” said John Pescatore, Vice President, Gartner Research, Gartner Inc. “Organizations are looking for immediate and regular auditing capabilities to keep pace with today’s rapidly changing network environment.”

More than 1000 customers across the globe rely on QualysGuard for automated, on-demand security auditing and vulnerability management. Recent additions to the Qualys customer base include The Thomson Corporation, webMethods, R.R. Donnelley, BASF, Cedars-Sinai Medical Center, Rockwell Automation, Fireman’s Fund, and ICI.

“Ensuring maximum protection against the latest security threats of the day is a growing concern within our organization,” stated Mark Iovinelli, Enterprise Design and Implementation Team Manager for R.R. Donnelley. “The Qualys On-Demand platform allows us to audit our security status at any moment and manage network vulnerabilities on a centralized enterprise-wide level with a fraction of the resources and cost.”

“Due to recent cyber attacks, enterprise customers increasingly wish to strengthen their network security and ensure compliance with various federal regulations. Our comprehensive security audits address these needs for our clients,” said Victor Keong, Partner, Network Attack and Penetration for Deloitte & Touche’s Security Services Group. “With Qualys’ automated platform we can immediately deliver cost-effective and frequent audits to our customers with the highest quality of detection.”

The Qualys On-Demand platform is comprised of the following components:

  • On-Demand Network Discovery: Today network security administrators do not have the tools to effectively discover the devices and systems connected to their network, identify wireless access points, ensure open port compliance, and manage VPN entry points. QualysGuard allows enterprises to catalog and visually represent the entire network topology on a regular basis where changes can be analyzed and tracked as they occur.
  • On-Demand Security Auditing: Unlike audits conducted with traditional software scanners, QualysGuard audits are fully automated, unalterable and provide indelible audit trails that record when the security audit was performed, what vulnerabilities were uncovered, how to fix them, when they were assigned and to whom, and when the repairs were successfully implemented. QualysGuard allows such audits to be performed at anytime and on a regular basis.
  • On-Demand Vulnerability Management and Remediation Workflow: Network administrators face a significant challenge in prioritizing and eliminating network vulnerabilities. QualysGuard’s distributed management capabilities enable enterprises to delegate vulnerability assessment and remediation tasks to users of various skill levels throughout the enterprise, while maintaining centralized control. This functionality, combined with links to patches, significantly simplifies network security audits, facilitates policy compliance and provides management with up-to-date reports of network security and compliance. Currently, QualysGuard APIs integrate directly with existing network management and trouble ticketing systems; in the second half of 2003 workflow capabilities will provide security managers the ability to remediate vulnerabilities through trouble tickets and one-click access to verified patches.

“QualysGuard gives enterprises the flexibility and scalability to perform security audits from a trusted third party anytime, anywhere. Not only does this ensure compliance with new federal regulations, including Sarbanes-Oxley, HIPAA and GLBA, it also gives enterprises a mechanism to protect themselves automatically from frequent and disruptive security attacks using the industry’s largest and most up-to-date database of vulnerabilities,” said Philippe Courtot, Chairman and CEO of Qualys. “Over the coming months, Qualys will continue to unveil new elements of the company’s On-Demand strategy, delivering to enterprises an automated way to manage their network vulnerabilities.”

About Qualys

With more than 2,000 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to strengthen the security of their networks effectively, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys’ on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organisations. Hundreds of large companies have deployed Qualys on a global scale, including AXA, DuPont, Hershey Foods, ICI Ltd, Novartis, Sodexho, Standard Chartered Bank and many others. Qualys is headquartered in Redwood City, California, with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

For media inquiries or to find the appropriate spokesperson

Contact: Megan Lamb
Merritt Group

For all other matters


Media Contacts:
Tami Casey
(650) 801-6196

Mariah Gauthier
(415) 963 4174