Qualys SCAP Auditor 1.2 Receives NIST Certification

REDWOOD CITY, Calif. – May 28, 2015 – Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud security and compliance solutions, today announced its Qualys SCAP Auditor 1.2 has been certified by the U.S. National Institute of Standards and Technology (NIST) for use by federal agencies. These agencies are required to use a certified Security Content Automation Protocol (SCAP) tool to validate that systems comply with configuration requirements defined in the United States Government Configuration Baseline (USGCB) as mandated by the Federal Information Security Management Act (FISMA).

Qualys SCAP Auditor enables federal agencies to scan and report compliance with standardized desktop security configuration requirements using a centralized, integrated solution featuring the Qualys’ Software-as-a-Service (SaaS) architecture.

“Government agencies face a unique set of challenges when it comes to ensuring the security of their networks,” said Philippe Courtot, Chairman and CEO for Qualys, Inc. “Qualys SCAP Auditor, built on our award-winning Qualys Cloud Platform architecture allows agencies to continuously monitor and address network vulnerabilities enabling immediate compliance with key FISMA requirements, at a fraction of the cost of deploying and maintaining traditional enterprise security solutions.”

With Qualys SCAP Auditor 1.2, users can automatically discover and manage all devices and applications on the network, identify and remediate network security vulnerabilities, measure and manage overall security exposure and risk, and has been certified by NIST for the following capabilities:

• Authenticated Configuration Scanner
• Common Vulnerabilities and Exposures (CVE)
• Assessment of Windows 7 (32 and 64 bit) and Red Hat Enterprise Linux (RHEL) 5 Desktop (32 and 64 bit) The Qualys SCAP 1.2 Auditor is also compliant with SCAP version 1.2: XCCDF 1.2, OVAL 5.10, CCE 5, CPE 2.3, CVE, and CVSS 2, OCIL 2.0, CCSS 1.0, Asset Identification 1.1, ARF 1.1, TMSAD 1.0.

In addition to the SCAP certified assessment capabilities, SCAP Auditor 1.2 can process SCAP tier III content intended for the following systems: Windows 7 (32 and 64 bit), Windows XP (32 bit), Windows Vista, Windows 2008, Windows 2012, RHEL 5 (32 and 64 bit) and most Linux distributions.

For more information on Qualys SCAP Auditor 1.2 please visit https://www.qualys.com/solutions/compliance/scap/.

Additional Resources

• Learn more about Qualys SCAP Auditor 1.2
• Follow Qualys on LinkedIn and Twitter

About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud security and compliance solutions with over 7,700 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, Accuvant, BT, Cognizant Technology Solutions, Dell SecureWorks, Fujitsu, HCL Comnet, InfoSys, NTT, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). For more information please visit https://www.qualys.com/.

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

MEDIA CONTACTS
Melissa Liton
Qualys, Inc.
mliton@qualys.com
(650) 801-6242

Michelle Kincaid
LEWIS PR on behalf of Qualys
michellek@lewispr.com
415) 432-2467

###

Media Contact:
Tami Casey
Qualys
media@qualys.com