ArcSight, GuardedNet, NetForensics, and Network Intelligence Partner with Qualys to Increase Accuracy of Threat Information
RSA Conference, San Francisco, CA — February 24, 2004 — Qualys, Inc., the market leader of on-demand Network Security Audits and Vulnerability Management, today announced the integration of its QualysGuard® Web service with security information management (SIM) solutions from ArcSight, GuardedNet, netForensics, and Network Intelligence. Integrating network security event information with real-time vulnerability data from QualysGuard® significantly increases the accuracy of threat detection and reduces false-positives for enterprise customers.
“Companies, like ours, simply do not have time or the resources to manually process thousands of security alerts, many of which are false-positives,” said Christofer Hoff, Director of Enterprise Security Services at WesCorp. “Furthermore, the distillation of these threats and vulnerabilities based upon business impact and criticality becomes absolutely essential when dealing with thousands of managed assets. By integrating Qualys’ vulnerability management with our SIM solution, we will be positioned to receive more accurate and timely information about potential network security threats across our entire enterprise.”
Available from leading SIM vendors, customers now have the ability to review and take action on alerts and vulnerability data in one console where security information is seamlessly aggregated and correlated in real-time. Vulnerability data and system information collected through QualysGuard’s audits add trusted, third-party intelligence to security alerts, giving customers more detailed knowledge about the risk level associated with critical assets - saving administrators significant time and resources in securing large, distributed enterprise networks.
“Correlation of threat information with real-time vulnerability management data enables us to make both strategic and tactical risk management decisions about our distributed network and to react in a more focused manner,” added WesCorp’s Christofer Hoff. Integration of QualysGuard’s network vulnerability data with event management solutions provides customers with accurate correlation and verification of event log data generated from a variety of security devices, such as firewalls, proxy servers, intrusion detection systems, intrusion prevention systems, and antivirus software.
“With these integrations, we are giving customers a broad view of their entire network security with the ability to correlate accurate, real-time vulnerability data with security event information for increased intelligence and reduced false-positives,” said Philippe Courtot, Chairman and CEO of Qualys. “The web service approach combined with the open architecture of the QualysGuard platform makes for an easy and straightforward integration with SIM solutions.”
“Our mutual customers require the best data possible to make informed security decisions in protecting their critical assets, and ArcSight has been the pioneer in the use of vulnerability information, especially in the correlation function,” said Larry Lunetta, VP of Marketing and Business Development at ArcSight. “Integrating QualysGuard data with ArcSight 3.0 facilitates the translation of abundant security information into credible business intelligence that customers can use to effectively reduce their risks.”
ArcSight, winner of Network Computing magazine’s Editor’s Choice and the NetworkWorld Blue Ribbon Award, is the leading provider of enterprise security management software. By linking security management to key business assets and processes, ArcSight is enabling large organizations achieve increased protection, more productivity, operational confidence and compliance support from their security function. ArcSight.s integrated solution spans all the critical security management functions including event aggregation and archiving, real time analysis, incident investigation, attack remediation, reporting and audit. ArcSight is the first vendor to offer TruThreat. Risk Correlation, which allows enterprises to focus on the protection of the business by utilizing asset mission and value information, vulnerability assessment data, and security alarms to identify and mitigate threats and attacks in real time. For more information about ArcSight, please visit www.arcsight.com.
“One of the greatest challenges that corporate security teams face today is making sense of the enormous volume of both vulnerability and attack data within their IT environments,” said Rich Telljohann, vice president of marketing and business development for GuardedNet. “Using a security event management and incident response platform, such as neuSECURE, that injects timely vulnerability data from third party products into the incident handling process is a critical first step. The QualysGuard integration allows our customers to dynamically re-scan their environment and update neuSECURE with the latest information about critical assets during an investigation. This capability makes our mutual customers more efficient and effective.”
GuardedNet Inc. delivers advanced security event management (SEM) software solutions. Its leading software solution, neuSECURE, centrally monitors, correlates and performs threat analysis in multi-vendor enterprise security environments. Its ability to correlate and analyze log data files from disparate machines in real-time enables security administrators to overcome log data overload and detect and respond to security breaches as they are occurring, rather than after the damage is done. neuSECURE has improved the security and the operational efficiency of numerous security operations centers (SOCs), including those at leading financial, transportation and data communications institutions. GuardedNet is a private company, headquartered in Atlanta, Georgia. For more information about GuardedNet, please visit www.guarded.net.
“The window of opportunity available to the enterprise to see an attack coming is getting ever narrower,. said Doug Gisby, vice president of Engineering at netForensics. .Adding the Qualys vulnerability knowledge to the high correlation and assisted remediation capability of the netForensics Security Information Management platform, that malicious opportunity window becomes the problem of the attacker instead of the business.”
netForensics is the recognized leader in Security Information Management with over a dozen industry and business awards, including the Deloitte & Touche Fast 50 and Network Computing.s Editors Choice. netForensics technology solves the problems of managing the overwhelming islands of information from multi-vendor security devices and applications. By analyzing and interpreting threat relationships in real-time, the solution enables immediate assistance for incident resolution when attacks occur and provides fast and measurable ROI from security investments. netForensics is the only security information management solution that lets users get to critical information quickly. With a centralized console and an automated process of real-time data normalization, aggregation, combined rules, vulnerability and statistical correlation and visualization, netForensics allows enterprises to manage their growing security infrastructure without increasing the size of the existing staff.
Headquartered in New Jersey, netForensics has the largest SIM install base of over 250 clients, including Global 1000 enterprises and large government organizations. For more information, please visit www.netforensics.com.
“For truly comprehensive security event management, organizations must examine network and security events beyond the event logs,” said Matt Stevens, vice president of marketing and technology, Network Intelligence Corp. “Network Intelligence’s advanced correlation and automatic threat scoring, paired with Qualys. real-time vulnerability assessment information, delivers this deeper knowledge and enables customers to significantly improve their IT security infrastructure by more effectively pinpointing and analyzing security threats.”
Network Intelligence Corp. is the leading innovator in Security Event Management. The Company’s products enable customers to transform raw security data into actionable business intelligence. Network Intelligence was the first to market with a security event management product in 1996, and the first to deliver an appliance-based solution in 2001. With an installed base of more than 2,500 customers worldwide – including over 300 customers that leverage our appliance-based solutions – Network Intelligence is the clear SEM leader by a factor of ten. Headquartered in Walpole, Massachusetts, Network Intelligence has sales representation across the United States, Europe and Japan. For more information about Network Intelligence, please visit the Company.s web site at www.network-intelligence.com.
The QualysGuard Web Service automates Network Security Audits and Vulnerability Management ensuring the security of information networks. With the highest degree of accuracy, data integrity, scalability, and ease of use, QualysGuard is available in a variety of packages designed to meet the specific needs of enterprises, SMBs, consultants, or managed service providers.
With more than 2,000 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to strengthen the security of their networks effectively, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys’ on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organisations. Hundreds of large companies have deployed Qualys on a global scale, including AXA, DuPont, Hershey Foods, ICI Ltd, Novartis, Sodexho, Standard Chartered Bank and many others. Qualys is headquartered in Redwood City, California, with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit www.qualys.com.
QualysGuard is a registered trademark of Qualys, Inc. Qualys and the Qualys logo are trademarks of Qualys, Inc. All other trademarks are the property of their respective owners.