Cloud Platform
Contact us
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
  • Overview
  • Platform Apps

  • Qualys Endpoint Security

    Advanced endpoint threat protection, improved threat context, and alert prioritization

  • Context XDR

    Extend detection and response beyond the endpoint to the enterprise

Cloud Security

Qualys Announces QualysGuard Policy Compliance 2.0

New Release Delivers Open APIs, Comprehensive Technology Coverage, Customized Controls with New Advanced Reporting and Search Capabilities

RSA Conference (Booth # 1717) - April 20, 2009 - Qualys, Inc., the leading provider of on demand IT security risk and compliance management solutions, today announced QualysGuard Policy Compliance 2.0 as a new upgrade to its QualysGuard Security and Compliance Software-as-a-Service (SaaS) Suite, the company’s flagship solution for IT security risk and compliance management. Qualys is unveiling and demoing a number of new products and product upgrades at the RSA Conference this week at booth # 1717.

“With today’s regulatory climate, customers are looking at strengthening and streamlining their compliance efforts more than ever,” said Tyson Whitten, senior product manager of VeriSign Managed Security Services. “With QualysGuard Policy Compliance 2.0 we now have a powerful SaaS solution to complement our managed security services.”

QualysGuard Policy Compliance 2.0

Policy Compliance 2.0 addresses the convergence of IT security and policy compliance to reduce complexity for auditors, security professionals and executive management. New and upgraded Policy Compliance 2.0 features and customer benefits include:

  • Open APIs—XML extensible interface allows customers and GRC vendors to programmatically query security and compliance data of systems in scope for compliance initiatives.

  • Comprehensive Control Coverage—Due to overwhelming demand, Qualys has been actively involved in receiving and responding to new control requests for current and new technologies. Policy Compliance 2.0 spans multiple operating systems and applications used within the enterprise with mappings to popular compliance frameworks and regulations.

  • Trending and Compliance Charts—Many security and compliance tools only show snapshots of compliance at a single point in time, whereas Policy Compliance 2.0 enables compliance and security managers to monitor the ongoing effectiveness of their programs with detailed trend reports.

  • Control Cross Reference—IT auditors need to know which compliance configuration and security policies are in effect and what mitigating procedures are initiated when violations occur. Policy Compliance 2.0 includes the ability to ‘link’ to external content via hyperlink or textual reference, compliance and security personnel can navigate to the appropriate corporate approved mitigating procedure right from the Qualys interface.

  • User Defined Controls for Registry Values and ACL’s—Qualys is developing a series of User Defined Controls or UDC’s that enable users to create their own controls dynamically, as needed, without having to submit control requests to Qualys development. Starting with the registry, users can create controls for expected registry values and ACL’s.

  • Search and Performance Improvements—By providing a modular approach to security policy creation, Qualys enables customers to build security policies in QualysGuard that are mapped to existing hardened documents already being used in the customer’s IT infrastructure. To ease identification of matching controls, Qualys has built-in additional search functionality to better enable customers to locate the controls they need.

Pricing and Availability

QualysGuard Policy Compliance 2.0 is available as part of the QualysGuard Security and Compliance Suite on May 26, 2009. QualysGuard annual subscriptions are based on the number of systems scanned and include unlimited number of scans and 24x7 support and updates.

About Qualys

Qualys, Inc. is the leading provider of on demand ITsecurity risk and compliance management solutions – delivered as a service.Qualys’ Software-as-a-Service solutions are deployed in a matter of hoursanywhere in the world, providing customers an immediate and continuous view oftheir security and compliance postures.

The QualysGuard® service is used today by more than 3,500 organizations in 85countries, including 40 of the Fortune Global 100 and performs more than 200million IP audits per year. Qualys has the largest vulnerability managementdeployment in the world at a Fortune Global 50 company.

Qualys has established strategic agreements with leading managed serviceproviders and consulting organizations including BT, Etisalat, Fujitsu, IBM,I(TS)2, LAC, SecureWorks, Symantec, Tata Communications, TELUS and VeriSign.For more information, please visit


Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

For all other matters

Media Contact:
Tami Casey