USA News Releases
Qualys Announces OEM Partnership with Verisign iDefense Security Intelligence Services to Provide Effective Risk Mitigation Protection Against Zero-Day Vulnerabilities
New QualysGuard Module Helps Customers Protect Critical Assets from Zero-Day Threats
Redwood City, Calif. - September 6, 2011 - Qualys®, Inc., the leading provider of Software-as-a-Service (SaaS) IT security risk and compliance management solutions, today announced that it will offer a new QualysGuard® Zero-Day Module utilizing a variety of iDefense® security intelligence services from VeriSign®, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure services for the networked world. The award-winning Verisign iDefense® service provides actionable cyber intelligence on zero-day vulnerabilities and global threats. By including select iDefense services in the new QualysGuard® Zero-Day Module, Qualys will better enable customers to proactively scan and protect critical assets.
Zero-day vulnerabilities are flaws in software products that are discovered before the software product vendor has released a patch addressing the flaw. Attackers value exploits for zero dayvulnerabilities because they increase the attacker’s ability to target organizations with structured security and fast patching programs. The zero-day module in QualysGuard VM provides customers with iDefense Exclusive Vulnerability Reports and applicable defensive measures, helping them to better address such flaws. Additionally, it adds vulnerability scan capabilities for these signatures to the QualysGuard Knowledgebase so customers can easily include it in their regular vulnerability scanning. This enhancement to QualysGuard VM offers security teams a more efficient risk mitigation capability against the threats zero-day vulnerabilities pose.
"Security threats are increasingly sophisticated and continue to exploit vulnerabilities. Organizations are increasingly looking for tools and solutions that enable them to prioritize their security measures for logical and cost-effective responses to these attacks," said Charles Kolodgy, research vice president for security products at IDC. "The new QualysGuard® Zero-Day Module, enhanced with security intelligence from Verisign iDefense, allows organizations to proactively scan their critical assets and be more prepared to respond to Advanced Persistent Threats leveraging zero-day vulnerabilities.”
The QualysGuard VM Zero-Day Module will provide:
- Scan signatures for iDefense exclusive zero-days. The module delivers QualysGuard VM scan signatures for zero-day vulnerabilities from iDefense. Customers can scan and detect these zero-day vulnerabilities as part of their automated QualysGuard scans. Customers can search for zero-day exclusive vulnerabilities from iDefense and build a scan options profile to scan for them. Once such a profile is created, it can be updated automatically with new zero-day exclusives. This will allow users to regularly scan and detect these vulnerabilities within their environments.
- Alerting capabilities based on customers’ profiles. Customers can sign-up for an alerting mechanism for any new zero-day threats based on the profile of their assets as gathered from the QualysGuard scans. Zero-day threat details are available in QualysGuard so customers can analyze their impact and utilize counter measures to protect their affected assets until a patch is available from the vendor.
- Supplemental vulnerability intelligence. Qualys will also provide the supplemental intelligence gathered by iDefense including deep analysis, insight and mitigation strategies to help businesses keep ahead of new and evolving threats and vulnerabilities.
”The cyber security threat landscape continues to evolve at a pace that exceeds the ability of most organizations to keep up,” said Ben Petro, senior vice president of Verisign’s Network Intelligence and Availability Group. “Access to, and analysis of, advanced threat and vulnerability research is an essential part of an effective information and network security strategy. Through our relationship with Qualys, we’ve made it easier for organizations of all sizes to benefit from our leading intelligence capability.”
“The addition of the deep and analytical research from iDefense as a source of vulnerability data to QualysGuard VM will ensure our customers have the most complete view of threats that pose the greatest risk to the enterprise,” said Philippe Courtot, chairman and CEO, Qualys Inc. “We are pleased to be among the first security solution providers to incorporate this critical intelligence into our solutions.”
Pricing and Availability
The QualysGuard VM Zero-Day module will be offered with QualysGuard VM Enterprise and QualysGuard VM Express for small and medium-sized businesses (SMBs). Pricing for the new module will be announced with its general availability in Q4, 2011.
Qualys, Inc. is the leading provider of Software-as-a-Service (SaaS) IT security risk and compliance management solutions. Qualys solutions are deployed in a matter of hours anywhere in the world, providing customers an immediate and continuous view of their security and compliance postures.
The QualysGuard® service is used today by more than 5,000 organizations in 85countries, including 45 of the Fortune 100, and performs more than 500 millionIP audits per year. Qualys has the largest vulnerability management deploymentin the world at a leading global company, and has been recognized by leadingindustry analysts for its market leadership. Qualys was recently named BestSecurity Company in the Excellence Awards category of the 2011 SC Awards U.S.
Qualys has established strategic agreements with leading managed serviceproviders and consulting organizations including BT, Etisalat, Fujitsu, IBM,I(TS)2, LAC, NTT, SecureWorks, Symantec, Tata Communications and TELUS. Qualys is a founding member of the Cloud Security Alliance (CSA).
For more information, please visit www.qualys.com.
Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
For all other matters