Cloud Platform
Community
Support

Qualys Integrates with Security Command Center for Google Cloud Platform

Integration provides visibility, continuous security and compliance seamlessly across cloud workloads

FOSTER CITY, Calif., March 21, 2018Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutions, today announced its integration with the Cloud Security Command Center (Cloud SCC) for Google Cloud Platform (GCP), a security and data risk platform helping enterprises to gather data, identify threats, and act on them before they result in business damage or loss.

Cloud SCC provides security teams a single pane for security features, policies, and insights across Google Cloud platform. Qualys’ integration expands on existing data within Cloud SCC by adding vulnerability management and threat data for compute engine instances within a GCP project.

This new capability builds on Qualys’ prior GCP integration to give customers visibility of Qualys data within Cloud SCC and allow DevOps and security teams to protect their workloads by gaining full visibility of vulnerability and threat posture at-a-glance. Users can further drill down to find details and actionable intelligence for every identified vulnerability, and can navigate with a single click back to their Qualys subscription for additional reports and threat intelligence.

Customers can gain access to Qualys-generated vulnerability and threat posture data within Cloud SCC by deploying Qualys’ lightweight Cloud Agents on workload images. This step will either bake the agent within the image or automatically deploy the agent in the compute engine instance.

“As businesses leverage new technologies to accelerate their digital transformation efforts and move into the cloud, their focus needs to shift towards building security into applications, as well as interconnected devices, right from the start. And this is what Google is doing with their Cloud Platform, helping businesses build security into the fabric of their workloads,” said Philippe Courtot, chairman and CEO, Qualys.

“Now more than ever, the cloud is where an increasing number of enterprises are turning to protect their data and stay secure,” said Andy Chang, Senior Product Manager, Google Cloud. “With Cloud Security Command Center, we are helping security teams gather data, identify threats, and quickly act on application and data risks. By working with industry leaders like Qualys, we are giving our customers the capabilities they need to keep up with today’s ever evolving security challenges especially as they move workloads to the cloud.”

Key features of the new Cloud SCC include:

  • Asset Discovery and Inventory: Discover assets across Google App Engine, Google Compute Engine, Google Cloud Storage, and Cloud Datastore and view them in one place. Review historical discovery scans to identify new, modified, or deleted assets.
  • Sensitive Data Identification: Find out which storage buckets contain sensitive and regulated data using the Cloud Data Loss Prevention (DLP) API. Help prevent unintended exposure and ensure access is based on need-to-know. The DLP API integrates automatically with Cloud SCC.
  • Application Vulnerability Detection: Uncover common vulnerabilities such as cross-site-scripting (XSS), Flash injection, mixed content (HTTP in HTTPS), and outdated/insecure libraries that put Google App Engine applications at risk with Cloud Security Scanner. Cloud Security Scanner integrates automatically with Cloud SCC.
  • Access Control Monitoring: Help ensure the appropriate access control policies are in place across cloud resources and get alerted when policies are misconfigured or unexpectedly change.
  • Threat Intelligence from Google: Identify threats like botnets, cryptocurrency mining, anomalous reboots and suspicious network traffic with built-in machine learning technology developed by Google.
  • Third-party security tool inputs: Integrate output from existing security tools into Cloud Security Command Center to detect DDoS attacks, compromised endpoints, compliance policy violations and network attacks.
  • Real-time Notifications: Receive Cloud SCC alerts via Gmail, SMS and Jira with Pub/Sub notification integration.
  • REST API: Leverage the Cloud SCC REST API for easy integration with existing security systems and workflows.

About Qualys Cloud Platform
As a revolutionary unified architecture that powers more than 15 Qualys security and compliance Cloud Apps, the Qualys Cloud Platform offers customers a streamlined solution for avoiding the cost and complexities of managing multiple security vendors. By automatically gathering and analyzing security and compliance data from IT assets anywhere in one single-pane view, the Qualys Cloud Platform gives customers the scalability, visibility, accuracy and breadth of capabilities to fight cyber attacks and build security into their digital transformation initiatives.

Additional Resources:
Follow Qualys on LinkedIn and Twitter
Read more about Qualys Cloud Platform
Read more about the Qualys Cloud Agent

About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 10,300 customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The Company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

Qualys and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

###