REDWOOD CITY, Calif. –– Oct. 9, 2014 –– Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud security and compliance solutions, today announced it is partnering with the Center for Internet Security (CIS) to provide its Qualys Web Application Scanning (WAS) service to state governments nationwide to scan critical websites and evaluate the security of their applications. The offering is part of a new Cyber Hygiene campaign aimed at providing fundamental security resources to public and private sector organizations, with a focus on state and local governments, as well as small and medium-sized companies.
According to the Verizon 2014 Data Breach Investigations Report, attacks against vulnerable websites continue to be one of the leading causes of data breaches. The survey is based on actual security incidents and confirmed data breaches investigated over the last decade, underscoring the importance of regularly scanning web applications to prevent potential breaches.
The Cyber Hygiene campaign is a multi-year effort that provides key recommendations and tools for a low-cost program that any organization can adopt to achieve immediate and effective defenses against cyber attacks. The first phase of the campaign is focusing on five critical priorities: Count-Configure-Control-Patch-Repeat. As part of this, Qualys will provide all U.S. state governments with up to three scans of critical state-run websites including finance, healthcare and human services and public safety through the Qualys WAS solution.
“Web application scanning is fundamental to good cyber hygiene and a critical component of the campaign’s “count” recommendation–you need to know your environment in order to effectively secure it,” said William Pelgrin, CIS president and CEO. “CIS is committed to helping state, local, tribal and territorial governments improve their cyber security and we thank Qualys for joining us in this effort by making these scans available to all 50 states so they can evaluate security status and mitigate risk.”
Qualys WAS is a cloud service that can be accessed through a web browser, with no software to install or maintain. Users can accurately and efficiently test applications anywhere whether it’s on internal networks, hosted on the Internet or in cloud platforms. Relied on by leading companies around the world, Qualys WAS helps organizations reduce risk by automatically finding the official and “unofficial” apps that may be hiding in your environment.
“We are proud to participate in this national campaign to help state governments and local communities ensure the security of their websites,” said Philippe Courtot, Chairman and CEO of Qualys, Inc.. “Web application security continues to be a critical issue as demonstrated by the number of breaches we’ve seen in the past several months. Regularly scanning and testing web applications is a cornerstone of good cyber hygiene and organizations must be proactive about this in order protect against cyber threats.”
The Center for Internet Security is a 501c3 nonprofit organization focused on enhancing the cyber security readiness and response of public and private sector entities, with a commitment to excellence through collaboration. CIS produces consensus-based, best practice secure configuration benchmarks and security automation content, and serves as the key cyber security resource for state, local, territorial and tribal governments, including chief information security officers, homeland security advisors and fusion centers. CIS provides products and resources that help partners achieve security goals through expert guidance and cost-effective solutions. To learn more please visit cisecurity.org.
About Qualys, Inc.
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud security and compliance solutions with over 6,700 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, Accuvant, BT, Cognizant Technology Solutions, Dell SecureWorks, Fujitsu, HCL Comnet, InfoSys, NTT, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA) and Council on CyberSecurity. For more information, please visit www.qualys.com.
Qualys and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
Center for Internet Security
(415) 963 4174