CertView offers inventory and assessment of internet-facing SSL/TLS certificates; CloudView gives DevOps teams full inventory of public cloud workloads and infrastructure
SAN FRANCISCO – RSA® Conference 2018, Booth #N3815 – April 16, 2018 – Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutions, today announced the availability of two new free groundbreaking services: CertView and CloudView. Harnessing the power and scalability of the Qualys Cloud Platform, CertView and CloudView provide organizations of all sizes visibility at scale to track and monitor all their digital certificates and cloud assets.
Qualys will showcase these new services during RSA® Conference 2018.
As organizations digitally transform, the increased adoption of encrypted machine-to-machine communication and cloud infrastructure creates rapidly changing attack surfaces and new areas of risk. In order to stay ahead of this risk, organizations must automate and centralize visibility and tracking of their global certificate deployments and cloud environments.
Qualys CertView and CloudView enable organizations of all sizes to gain such visibility by helping them create a continuous inventory and assessment of their digital certificates, cloud workloads and infrastructure that is integrated into a single-pane view of security and compliance.
“Securing the digital transformation starts with visibility of hybrid IT environments and the ability to react immediately with accuracy to threats on the new attack surface,” said Philippe Courtot, chairman and CEO, Qualys, Inc. “CertView and CloudView bring the power of the Qualys Cloud Platform to global organizations, helping them discover and monitor their digital certificates and create full inventory of their public cloud assets. These are key capabilities that will help both CIOs and CISOs to adopt more proactive approaches to securing critical data during their journey to the cloud.”
CertView helps customers inventory and assess certificates and underlying SSL/TLS configurations and vulnerabilities across external-facing assets to prevent downtime and outages, and to mitigate risks associated with expired or vulnerable SSL/TLS certificates and configurations. It offers:
Certificate Discovery: Enabling Infosec and other teams to continuously scan global IT assets from the same console to discover every internet-facing certificate issued from any certificate authority.
Certificate Inventory: Enabling reduced administrative costs by bringing the entire certificate estate under central control with comprehensive visibility of all external certificates in use across DevSecOps, InfoSec and IT teams.
TLS Configuration Grades: CertView generates certificate instance grades (A, B, C, D, etc.) using SSL Labs’ methodology that allows administrators to assess often-overlooked server SSL/TLS configurations without having to become SSL experts.
Continuous Monitoring: Automation built into the Qualys Cloud Platform identifies critical issues, weaknesses and vulnerabilities for DevSecOps, InfoSec and IT teams.
Reports and Dashboards: Dynamic dashboards provide teams with a holistic and contextual view of their external certificate estate, and power automatically created downloadable reports of certificate-related vulnerabilities, certificate expirations and non-compliant certificates across externally facing IT assets.
Customers can extend the power of these same features across their internal certificates by upgrading from Qualys CertView to Qualys Certificate Inventory (CRI) and Assessment (CRA) Apps.
Qualys CertView offers inventory and assessment of internet-facing SSL/TLS certificates.
CloudView delivers customers topological visibility and insight about the security and compliance posture of their public cloud infrastructure for major providers including Amazon Web Services (AWS), Microsoft Azure and Google Cloud. It offers:
Asset discovery and inventory: CloudView continuously discovers and tracks assets and resources — instances, virtual machines, storage buckets, databases, security groups, Access Control Lists, Elastic Load Balancers and users — across all regions, multiple accounts and multiple cloud platforms in one central place.
Complete comprehensive, multi-faceted searches: CloudView powers asset searches to help teams discover their threat posture based on attributes and relationships. It lets them find leaky storage buckets, ungoverned instances, and those scheduled for retirement. Complex lookups allow teams to identify assets that are at greater risk of attack, such as those that have high-severity vulnerabilities or that exist at the edge rather than inside the DMZ.
Qualys CloudView gives DevOps teams full inventory of public cloud workloads and infrastructure.
CloudView is free for up to three accounts per public cloud platform. Customers can instantly upgrade their subscription by adding Qualys Cloud Inventory (CI) and Cloud Security Assessment (CSA) Cloud Apps, which include:
Continuous security monitoring: Boosts the security of public clouds by identifying threats caused by misconfigurations, unwarranted access, and non-standard deployments. It automates security monitoring against industry standards, regulatory mandates and best practices to prevent issues like leaky storage buckets, unrestricted security groups, and crypto-mining attacks.
Insight and threat prioritization: Provides a 360-degree view of cloud assets’ security posture, which includes cloud host vulnerabilities, compliance requirements and threat intelligence insights, so users can contextually prioritize remediation.
Quick identification of incident causes: Quickly uncovers the root cause of incidents. Simple yet powerful queries deliver search results across a complete cloud resource inventory that shows assets’ configurations and complex associations, allowing teams to also identify similar assets and mitigate issues in a unified way.
Comprehensive DevOps protection: Powers automated security checks, identifies and eliminates issues, and standardizes deployment and formation templates to make production environments more secure. All features are supported via REST APIs for seamless integration with the CI/CD tool chain, providing DevSecOps teams with an up-to-date assessment of potential risks and exposure.
Qualys CertView will be generally available this month. Sign up today at https://qualys.com/CertView-Free
Qualys CloudView is generally available today at: https://qualys.com/CloudView-Free
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 10,300 customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The Company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.
Qualys and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.