USA News Releases
Free Qualys Vulnerability Scan Available for the SANS Top-20 2005 Update
New Vulnerabilities Found in Server-Side Applications and Networking Equipment Can Be Identified at https://sans20.qualys.com — Qualys CTO Presents Top-20 at Launch Event in London
In addition to identifying vulnerabilities in Windows and UNIX categories, this year's Top-20 also includes Cross-Platform Applications and Networking Products. The change reflects the dynamic nature of the evolving threat landscape. The full SANS report can be found at http://www.sans.org/top20.
"The SANS Top-20 provides an invaluable tool for helping businesses prioritize their efforts in addressing security vulnerabilities. This year's SANS Top-20 identified two growing areas of risk for organisations: increasing threats in client-side applications and critical vulnerabilities in networking equipment. These are issues that should be identified and addressed within organisations of every size," said Gerhard Eschelbeck, CTO and VP of Engineering at Qualys. Eschelbeck, along with other experts in the community, provided contributions to the development of the SANS Top-20 list and presented the Top-20 at the launch event in London.
The shift from server-side to client-side vulnerabilities was also a significant finding in the "Laws of Vulnerabilities" research presented by Eschelbeck last week at the CSI Conference in Washington, D.C. According to the research, more than 60 percent of new critical vulnerabilities occur in client applications. Client-side vulnerabilities require a user to take action, such as visiting a malicious website or opening an infected email attachment. The research can be found at www.qualys.com/laws.
Qualys' on demand model provides customers with immediate vulnerability updates, such as the Top-20 listing, without the need for installing software or building out additional infrastructure. In addition to the free scan, the QualysGuard® service detects new exposures in the SANS Top-20.
About QualysWith more than 2,000 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to strengthen the security of their networks effectively, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys' on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organisations. Hundreds of large companies have deployed Qualys on a global scale, including AXA, DuPont, Hershey Foods, ICI Ltd, Novartis, Sodexho, Standard Chartered Bank and many others. Qualys is headquartered in Redwood City, California, with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit www.qualys.com.
Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
Contact: Megan Lamb
Contact: Jonathan Bitle