Cloud Platform
Contact us
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
  • Overview
  • Platform Apps

  • Qualys Endpoint Security

    Advanced endpoint threat protection, improved threat context, and alert prioritization

  • Context XDR

    Extend detection and response beyond the endpoint to the enterprise

Cloud Security

Qualys Expands Its Popular FreeScan Service

Now Provides Comprehensive Audits for Websites, Patch Tuesday Vulnerabilities, OWASP Threats and SCAP Configuration for Both Internal and External Systems

SAN FRANCISCO, Calif. – RSA Conference USA 2013 Booth #1431, February 25, 2013 – Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud security and compliance management solutions, today announced that it has expanded its popular FreeScan service to support scanning internal and external systems and web applications and also added new security and compliance audits for Patch Tuesday vulnerabilities, OWASP (Open Web Application Security Project) threats and SCAP (Security Content Automation Protocol) Configuration. These free tools can be accessed immediately at, and Qualys® will showcase them during the RSA Conference at booth #1431.

Delivered via the QualysGuard Cloud Platform, FreeScan is used by organizations all over the world to quickly test online whether their computers, networks, web sites and web applications are at risk from the latest threats. Qualys has expanded the service’s vulnerability scanning and configuration auditing to help organizations efficiently respond to software patches, test their own web applications and web sites, and check if they are in compliance with emerging security standards.

“Security teams are overwhelmed by a barrage of advisories about vulnerabilities in critical software, such as Java, Flash and PDF Readers, and escalating attacks on web-based applications,” said Ira Winkler, president of the Internet Security Advisors Group. “With FreeScan, organizations can now have an immediate and accurate view of their security and compliance postures without having to deploy complex and costly traditional enterprise software security solutions.”

Qualys FreeScan now integrates a variety of security and compliance scans into a single, uniform console:

  • Patch Tuesday PC Audit. This scans PCs to find missing updates and patches from business software, such as Microsoft Windows, Oracle Java and Adobe Flash and Reader. It identifies which patches are required to address vulnerabilities that are found and provides links for downloading the necessary updates. After fixes have been installed, this scan can be run again to verify that computers are up-to-date.
  • OWASP Web Application Audit. This tests web applications, either inside a company’s network or on the Internet, to see if they comply with the latest OWASP industry-standard guidelines for defending against online attacks, such as SQL injection and cross-site scripting (XSS). It organizes any issues that are found according to the corresponding OWASP categories and helps application developers fix application weaknesses.
  • SCAP Compliance Audit. This tests computers within a company’s network to see if they comply with leading security configuration benchmarks, such as the U.S. Government Configuration Baseline (USGCB), which is required by many U.S. federal agencies and organizations that do business with the government.
  • Web Site Scan for Vulnerabilities and Malware. This performs a comprehensive check of a company’s web site for server and application vulnerabilities, hidden malware and SSL security configuration errors.

Additionally, FreeScan now supports the deployment of virtual scanners for scanning internal systems and web applications.

“We are pleased to bring to market this free cloud-based service so security teams are better equipped to fend off the increasing and crippling cyber attacks on their organizations,” said Philippe Courtot, chairman and CEO of Qualys.


Qualys FreeScan is available at and can be used at no charge for up to 10 scans of network devices and web applications per organization.

About Qualys

Qualys, Inc. (NASDAQ: QLYS), is a pioneer and leading provider of cloud security and compliance solutions with over 6,000 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The QualysGuard Cloud Platform and integrated suite of solutions helps organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations, including Accuvant, BT, Dell SecureWorks, Fujitsu, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).

For more information, please visit


Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Tami Casey