Qualys Marks Industry Milestone with Over 2000 Security Vulnerabilities

Redwood City, CA — December 10, 2002 — Qualys™, Inc., the leader in automated vulnerability assessment, today announced that its KnowledgeBase of vulnerabilities has reached an industry milestone, detecting and providing verified remedies for more than 2000 known security threats. This milestone doubles the number of vulnerabilities detected from the same time last year and provides the most accurate and scalable vulnerability management within the industry.

With a fully automated infrastructure, Qualys is able to update its KnowledgeBase daily with newly discovered vulnerabilities, averaging 20 per week. Updated signatures are made available to all subscribers automatically through the QualysGuard Web-based service, saving customers hundreds of man hours tracking and prioritizing the latest network threats. By automating vulnerability identification, production and testing, Qualys ensures accuracy of vulnerability detection and elimination of false positives, while reducing total cost of ownership by removing all deployment costs.

Qualys’ customer base now includes more than 750 of the world’s leading companies from every industry sector, and grows at approximately 30 percent every quarter. Some of Qualys’ customers include AXA IM, New York Board of Exchange, ABN-AMRO, Apple Computer, Tower Records, Cartier, L’Oreal, Thomson Financial and many others, averaging more than 60,000 scans per month.

“The world of network threats is very clearly becoming larger, more complex and far more severe, and it has become a nearly impossible task for us to keep up with the changing security landscape,” stated Raphael MARCHAND, Security Architect of AXA IM, the world’s largest global insurance company headquartered in Paris. “Qualys relieves the time- and resource-intensive burden of vulnerability management. With QualysGuard’s automated vulnerability assessment service in place, we can be sure that our servers are highly secure, patches are up-to-date, security policy standards are enforced, and equipment configurations are current.”

“Technically, the best vulnerability management solution, QualysGuard epitomizes my vision of the ideal vulnerability management platform,” added MARCHAND.

Today, 45 percent of the vulnerabilities tracked by Qualys’ KnowledgeBase are at the highest levels of threats in terms of potential destruction, complexity and liability to customers’ networks. Attacks that exploit vulnerabilities at these levels allow intruders to easily gain control of the host, which may lead to the compromise of the entire network security.

“Protecting our trading data is the highest priority for the New York Board of Trade, and QualysGuard is an integral part of our layered network defense. QualysGuard helps us detect network vulnerabilities and fix them in a timely manner,” stated Jim DiDominicus, CISO at the New York Board of Trade, the world’s premier marketplace for the trading of citrus, cocoa, coffee, cotton and sugar futures and options. “QualysGuard provides a cost-effective means to validate our internal testing and monitoring. Most importantly, the level of scanning accuracy and elimination of false positives provides us with the confidence that we are constantly guarded against new threats that are arising.”

Qualys’ KnowledgeBase is a CVE-compliant database that combines vulnerability intelligence from numerous sources, including Qualys partners Security Focus (Bugtraq) and Vigilinx, as well as additional information collected from other sources. Qualys has developed the industry’s most comprehensive vulnerability database scanning and identifying vulnerabilities throughout the entire enterprise infrastructure at all levels including network, system, and application levels.

“Speed and accuracy are critical in helping our customers protect themselves from the latest network vulnerabilities. Through an automated infrastructure, QualysGuard can help customers identify, prioritize and manage the complete life-cycle of emerging threats,” stated Philippe Courtot, Chairman and CEO of Qualys. “Qualys has made the investment and completed a platform that delivers to customers the highest, most accurate and up-to-date detection.”

About Qualys

With more than 2,000 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to strengthen the security of their networks effectively, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys’ on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organisations. Hundreds of large companies have deployed Qualys on a global scale, including AXA, DuPont, Hershey Foods, ICI Ltd, Novartis, Sodexho, Standard Chartered Bank and many others. Qualys is headquartered in Redwood City, California, with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit www.qualys.com.

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Tami Casey
Qualys
media@qualys.com