Cloud Platform
Contact us
Asset Management
Vulnerability & Configuration Management
Risk Remediation
Threat Detection & Response
  • Overview
  • Platform Apps

  • Qualys Endpoint Security

    Advanced endpoint threat protection, improved threat context, and alert prioritization

  • Context XDR

    Extend detection and response beyond the endpoint to the enterprise

Cloud Security

Qualys Introduces SaaS Detection and Response to Manage the Security Posture and Risk of the SaaS Application Stack

SaaS Detection and Response provides continuous visibility, assessment, and compliance for SaaS applications from a single interface

FOSTER CITY, Calif. February 3, 2021 - Qualys, Inc (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today introduced Qualys SaaS Detection and Response (SaaSDR), which provides a single console for IT and security teams to gain continuous visibility, security and compliance of critical SaaS apps.

Powered by the FedRAMP-authorized Qualys Cloud Platform, Qualys SaaSDR streamlines and automates the process of managing SaaS security, risk and compliance. The result is automated, up-to-date inventory and control over SaaS apps, folders and documents to prevent malicious or unintended exposure of sensitive information and deliver a deep understanding of the SaaS apps’ compliance posture. The initial release will provide native support for Google Workspace, Microsoft Office 365, Zoom and Salesforce.

“Qualys SaaSDR helps ImagineX with our Microsoft Office 365 and Google Workspace deployments’ security and compliance. It provides the security team with visibility and control of critical SaaS apps, all from a single screen, strengthening the apps’ security posture. We also see SaaSDR as a key imperative to help guide our customers as they work to enhance SaaS apps’ compliance and shine a spotlight on potential data exposure,” said Tim Salvador, Cybersecurity Practice Director, ImagineX Consulting, LP.

“As applications migrate from on-premises to IaaS and subsequently SaaS, blind spots develop for security analysts as traditional security tools do not have the necessary visibility for SaaS application stacks,” said Frank Dickson, program vice president, security products at IDC. “The reality of the SaaS shared responsibility model is the application of security and maintenance in a SaaS context is fundamentally different as the SOC does not have control of the operating system and application layer. The security, hygiene and management have to be applied using an API-centric approach, leveraging data and identity disciplines. Qualys looks to provide SaaS application visibility to the SOC via frictionless data collection for deeper assessment, supporting CIS policies for Office 365 and Zoom while also leveraging the power of the Qualys posture management technology to augment identity and data context. Qualys SaaSDR provides an easy plug-in solution to assist CISOs in monitoring and managing the data exposure and security compliance of their SaaS applications.”

With Qualys SaaSDR, enterprises have a single solution to manage their SaaS apps, providing:

User and Device Visibility – Automatically inventory SaaS application users and user groups (internal and external) along with the files and folders users own and can access. It also gathers detailed information on endpoints, such as an asset’s details, location, running services, installed software and more, all in a single, unified view.

Powerful Access Controls – Get complete control over users and data access rights to quickly review and granularly assign the proper access levels – all from a single interface.

Data Exposure Insights – Shine a spotlight on SaaS applications and third-party apps to immediately identify security weaknesses like incorrect permissions, at-risk files, file changes, misconfiguration issues, critical vulnerabilities, and exploits using advanced threat intelligence.

Security and Compliance Posture – Realize continuous and automated security posture and configuration assessments for SaaS applications along with enforcement of compliance aligned with industry benchmarks like O365 via CIS, PCI-DSS, NIST, and CIS.

Assess Risk – Leverage the Qualys Cloud Platform to correlate SaaS application data insights such as user access rights and data exposure, with additional security telemetry, like user location, time of access, file changes, host vulnerabilities and configurations, advanced threats, and more to manage risk.

SaaSDR Screenshot
Qualys SaaSDR provides continuous visibility of SaaS applications in a single-pane-of-glass

“Qualys’ massive investment in our Cloud Platform provides the relevant context, real-time analysis, visibility and scale needed to support detection and response offerings such as SaaSDR,” said Philippe Courtot, chairman and CEO of Qualys. “Qualys SaaSDR’s native connectors build security into SaaS apps providing clarity and an unparalleled level of detail and insight - all from a single screen - so that customers can ensure their SaaS apps are secure and compliant.”

Upcoming Features
In the second half of 2021, Qualys will add proactive response capabilities such as alerting on data exposure and automated remediation to the app so customers can fix compliance and exposure issues and automatically patch misconfigurations, vulnerabilities and threats with one click. Qualys will also add support for additional solutions such as Slack, GitHub and Microsoft Teams, along with customized controls to enable targeted security posture assessments.

Pricing and Webinar
SaaSDR is generally available; pricing starts at $20 per user per SaaS application. To participate in the free trial, visit To learn more, attend the webinar,Navigating the SaaS Technology Stack for Continuous Visibility and Compliance, on March 3.

Additional Resources

About Qualys: One Cloud Platform – One Agent – One Global View
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions with over 15,700 active customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes, and substantial cost savings.

The native Qualys Cloud Platform and its integrated Cloud Apps deliver 360-degree visibility across on premises, endpoints, cloud, containers, and mobile environments. The platform delivers the visibility businesses need to assess critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance, and protection for IT systems and web applications. Founded in 1999 as one of the first SaaS security companies, Qualys has built a large, impressive customer base and established strategic partnerships with leading cloud providers like Amazon Web Services, Microsoft Azure and the Google Cloud Platform, as well as preeminent managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, DXC Technology, Fujitsu, HCL Technologies, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The Company is also a founding member of the Cloud Security Alliance. For more information, please visit

Qualys and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Tami Casey