Cloud Platform
Support

Qualys Introduces New Security Audit Reports for Regulatory Compliance and Security Best Practices

RSA SecurID® Two-Factor Authentication Combined with Tamper-Resistant Reports Delivers Third-Party Certification of Network Security

RSA Conference, San Francisco, CA — February 24, 2004 — Qualys™, Inc., the market leader of on-demand Network Security Audits and Vulnerability Management, today introduced additional reporting and security controls within its QualysGuard® Web service to help companies implement security best practices, meet regulatory compliance requirements, and protect against today’s new breed of rapidly propagating viruses and worms such as the recent MyDoom attacks.

With the addition of a two-factor authentication system powered by RSA SecurID®, the QualysGuard Web service now offers enterprises an added layer of security to authenticate users and control access to encrypted third-party audit reports, as required by regulatory mandates. These reports are delivered in HTML, XML, and now available in unalterable Adobe® PDF formats. New report templates also give organizations the ability to manage the most critical vulnerabilities as identified by Qualys. RV10 (Real-Time Top Ten Vulnerabilities) index, a dynamic list of the most critical and prevalent security vulnerabilities, based on aggregate data from thousands of network scans.

“From an information security standpoint, formal network security auditing is critical not only for protecting our networks against fast-moving worms and viruses, but also for achieving Sarbanes-Oxley compliance. Most companies will quickly realize this as they develop their own set of guidelines,” said Daniel Klinger, Information Security Executive at Hershey Foods. “We have implemented a set of primary controls at Hershey to achieve Sarbanes-Oxley compliance, and QualysGuard, with its secure, comprehensive reports, serves as one of our fundamental processes.”

Legislation, regulation and increased liability are mandating the protection of data throughout the organization, notes Michael Rasmussen of Forrester Research. He adds in his December 18, 2003 report “IT Trends 2004: Operating System Security” that organizations can no longer afford to ignore security on internal systems and they face significant liability and repercussions when sensitive and personal information is accessed as a result of a security breach.
Current security regulations require organizations to provide continuous certification that network assets are adequately protected against worms and viruses. As a web service, QualysGuard automates the auditing and risk management process and helps companies implement a compliance process from a trusted third-party source.

Unlike software-based vulnerability management solutions that require significant installation and maintenance, Qualys. Web service enables companies to quickly and easily audit large, distributed networks on a continuous basis. The service provides a secure, unalterable audit trail that records the discovery, management and remediation of security vulnerabilities.

About QualysGuard

The QualysGuard Web Service automates Network Security Audits and Vulnerability Management ensuring the security of information networks. With the highest degree of accuracy, data integrity, scalability, and ease of use, QualysGuard is available in a variety of packages designed to meet the specific needs of enterprises, SMBs, consultants, or managed service providers.

About Qualys

With more than 2,000 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to strengthen the security of their networks effectively, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys’ on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organisations. Hundreds of large companies have deployed Qualys on a global scale, including AXA, DuPont, Hershey Foods, ICI Ltd, Novartis, Sodexho, Standard Chartered Bank and many others. Qualys is headquartered in Redwood City, California, with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit www.qualys.com.


QualysGuard is a registered trademark of Qualys, Inc. Qualys and the Qualys logo are trademarks of Qualys, Inc. All other trademarks are the property of their respective owners.

For media inquiries or to find the appropriate spokesperson

Contact: Megan Lamb
Merritt Group
703-390-1535

For all other matters

Contact: pr@qualys.com

Media Contacts:
Tami Casey
Qualys
(650) 801-6196
tcasey@qualys.com

Mariah Gauthier
HighwirePR
(415) 963 4174
qualys@highwirepr.com