Qualys Adds to Its SaaS Offerings Two-Factor AuthenticationPowered by VeriSign® Identity Protection Authentication Service from Symantec

RSA Conference Europe, London - October 13, 2010 - Qualys®, Inc., the leading provider of on demand IT security risk and compliance management solutions, today announced that it will offer two-factor, or strong authentication, at no extra charge to its customers worldwide. By deploying Symantec’s VeriSign® Identity Protection (VIP) Authentication Service, Qualys is strengthening and protecting the digital identities of QualysGuard users in a highly visible way.

The VIP Authentication Service is the leading cloud-based authentication service that enables enterprises to secure online access and transactions to obtain compliance and reduce fraud risk. A fully hosted two-factor authentication Security-as-a-Service (SaaS) solution, VIP offers a cost-effective way to give legitimate users access to business resources, enterprise applications and online websites while thwarting identity thieves and e-fraud cartels.

Used by more than 5,000 corporations, including 43 of the Fortune 100, QualysGuard is the widest deployed on demand IT security and compliance solution in the world. With QualysGuard’s Software-as-a-Service (SaaS) delivery model, users can access and manage their accounts from any web browser, anywhere in the world. Working with Symantec, Qualys seamlessly integrated the VIP Authentication Service with QualysGuard, relieving customers from the cost and burden of deploying and managing an additional layer of authentication.

VIP provides an additional layer of protection beyond standard username and password by requiring a dynamic one-time use six-digit security code generated by a user’s VIP credential. QualysGuard administrators can require the VIP Authentication Service for all accounts, or individuals can opt-in as desired. VIP strong authentication is easy and cost-effective to deploy, with support for a variety of credentials (from freely available mobile phone and PC-based software credentials to hardware tokens from industry leading vendors). The VIP Authentication Service also enables programmatic access to the QualysGuard API so customers can utilize integrated partner solutions for additional capabilities.

“We have been using QualysGuard IT Security and Compliance Suite to help accurately identify and remediate security vulnerabilities and meet PCI (payment card industry) requirements to protect customer data,” said David Rickling, senior manager, site operations, information technology & security for eHealth. “We have been using the VIP service to give us an added layer of security when we sign in to QualysGuard for a view of our IT security and compliance across our infrastructure. We feel our use of the VIP service in this manner helps to ensure secure authentication while using QualysGuard to access security information.”

“By integrating the proven VIP Authentication Service into QualysGuard, Qualys can now offer its customers greater levels of security to protect their online data every time they sign in to their portals to manage their IT security and compliance tasks. And with the cloud-based VIP Authentication Service, Qualys can deploy strong authentication faster and with performance that would otherwise be cost prohibitive,” said Kerry Loftus, senior director of product management for User Authentication at Symantec.

“Two-factor authentication is another key technology that cloud-based services must adopt to prevent account takeovers made possible by weak or stolen passwords,” said Philippe Courtot, chairman and CEO for Qualys. “Working together with Symantec, we are pleased to offer the VIP service to our customers at no additional cost to add another critical layer of security.”

Pricing and Availability
The VIP Authentication Service is now available for free in the QualysGuard IT Security and Compliance Suite, which includes vulnerability management, policy compliance, PCI compliance and web application scanning. For more information, read our blog on The Qualys Community.

About Qualys

Qualys, Inc. is the leading provider of on demand IT security risk andcompliance management solutions – delivered as a service. Qualys’Software-as-a-Service solutions are deployed in a matter of hours anywhere inthe world, providing customers an immediate and continuous view of theirsecurity and compliance postures.

The QualysGuard® service is used today by more than 4,000 organizations in 85countries, including 42 of the Fortune Global 100 and performs more than 500million IP audits per year. Qualys has the largest vulnerability managementdeployment in the world at a Fortune Global 50 company.

Qualys has established strategic agreements with leading managed serviceproviders and consulting organizations including BT, Etisalat, Fujitsu, IBM,I(TS)2, LAC, NTT, SecureWorks, Symantec, Tata Communications and TELUS.

For more information, please visit www.qualys.com.

###

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

For all other matters
Contact: pr@qualys.com

Media Contact:
Tami Casey
Qualys
media@qualys.com