More M&A on the Way as Software-as-a-Service Disrupts the Economics of Enterprise Software and Security

San Francisco, RSA Conference - February 5, 2007 - Qualys®, Inc., the leading provider of on-demand security risk and compliance management solutions, today announced that Qualys CEO and Chairman Philippe Courtot will present at two sessions during the upcoming RSA Conference, the world’s premier information security tradeshow.

Courtot’s keynote presentation on Friday, February 9 titled, “On-Demand Applications: Changing the Economics of Security,” will explore the driving forces behind the rapid consolidation of enterprise and security software vendors over the past 12-18 months. He will outline how mergers and acquisitions have led to the evolution of “mega suites” of security software, which further complicate the already-complex challenge of defending an organization’s internal systems, external network and in-transit information from security attacks.

Courtot will describe how the on-demand model is changing the economics of developing, integrating, distributing, deploying and securing business and communication applications by drastically reducing the cost, complexity and integration headaches typically associated with a software-based approach. He will identify the major security solutions and services vendors helping to spearhead this change and highlight those that are embracing the on-demand security model.

“Too often, security technology companies look to the traditional software suite vendors as the business model they should emulate when bringing products to market with a total disregard to what model best suits the customer,” said Courtot. “Organizations like Google and Apple have revolutionized established markets, such as advertising and music, by building highly automated Internet-based platforms and a high focus on customer needs, thus reducing the delivery costs while increasing the ease-of-use and value. The days of the integrated, mega-software suite are numbered as more and more global organizations embrace software delivered as a service over the web—finally realizing that security applications should solve complex problems, not create more. This will, in turn, lead to more mergers and acquisitions among software providers and forever change how security applications are measured in terms of cost, effectiveness and return-on-investment.”

The greatest need that global organizations have today is to “externalize” their data and business processes in a secure way so they can do business on a global scale. As market demand and technology are rapidly change, organizations are being forced to become more nimble, relying on the flexibility of outsourcing. This trend toward outsourcing key data security functions will continue, further driving the SaaS approach.

Established high-tech vendors will have great difficulties trying to migrate to an outsourced or SaaS model, while they struggle to change their infrastructure and proprietary enterprise software solution into a platform that is both “Internet ready” and secure.

“The consolidation we are seeing now is reminiscent of the mainframe consolidation we saw only 50 years ago,” said Courtot. “The irony is that the new Internet Computing paradigm in the making consists of multiple and specialized thin devices all carrying a secure browser, while staying continuously connected to Software as a Service applications. These on-demand applications will store information and the business processes somewhere in the Internet cloud, which is, in many ways, very similar to the old mainframe and dumb terminal mainframe era – minus its cost and its lack of flexibility.”

In addition to his keynote address, Courtot will participate in a panel session titled, “Leading Private Companies: Security Pure-Play or Acquisition Bait?” The panel of security industry experts will discuss the keys to building a fundamental security company while debating the exit strategy dilemma that many young security companies endure: acquisition or remaining a privately-held pure play.

Qualys will be demonstrating its on demand security risk and compliance management platform at booth # 1216 in the exhibition hall throughout the conference. Media and analysts interested in speaking with Qualys or in seeing a demonstration of the widest deployed security on-demand solution in the world, QualysGuard, please contact qualys@schwartz-pr.com or call Kim Angell at (415) 512-0770.

About Qualys

Qualys, Inc. is the leading provider of on-demand security risk and compliance management solutions. Qualys is the only security company that delivers these solutions through a single software-as-a-service platform. QualysGuard® allows organizations to strengthen the security of their networks and conduct automated security audits to ensure compliance with policies and regulations. As a scalable and open platform, QualysGuard enables partners to broaden their managed security offerings and expand their consulting services. Qualys’ on-demand solutions are deployed in a matter of hours anywhere in the world, providing customers an immediate view of their security and compliance posture. QualysGuard is the widest deployed security on-demand solution in the world, performing over 150 million IP audits per year. For more information, please visit www.qualys.com.

###

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Tami Casey
Qualys
media@qualys.com