Qualys Cloud Platform

A Continuous View of Your Security & Compliance

star flare Qualys Globe

The Qualys Cloud Platform consists of a suite of IT security and
compliance solutions that leverage shared and extensible core services
and a highly scalable multi-tenant cloud infrastructure.

Dynamic Role-Based User Interface

Qualys screen shots

Qualys API

Integrated Suite












Web App


Web App




Qualys Secure

Built on top of Qualys’ Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are delivered via the cloud; there is no new software to deploy or infrastructure to maintain. Each application leverages the same scan data.

Continuous Monitoring

Delivers immediate alerts whenever threats or unexpected changes are found in an organization’s Internet perimeter – before they turn into breaches.

Vulnerability Management

Discovers all devices and applications across the network, at the same time identifying and mitigating the vulnerabilities that make network attacks possible.

Policy Compliance

Helps organizations pass security audits and document compliance tied to corporate security policies, laws, and industry regulations, supporting the requirements of both internal and external auditors.

Questionnaire Service

Centralizes and automates the gathering of risk data and compliance evidence from employees, partners, vendors and other subject matter experts.

PCI Compliance

Provides small and medium-sized businesses with enterprise-level scanning and reporting that’s easy to implement and maintain, and enabling large corporations to meet PCI compliance requirements for data protection on a global scale.

Web Application Scanning

Provides automated crawling and testing for custom web applications to identify vulnerabilities including for cross-site scripting and SQL injection. The automated service enables regular testing that produces consistent results, reduces false positives, and easily scales to secure large numbers of Websites.

Web Application Firewall

Protects websites against attacks on server vulnerabilities and web app defects. Brings Cloud scalability and simplicity that make it possible to strongly secure web apps against Cross-Site Scripting (XSS), SQL injection, corrupted requests and other attacks in less than 30 minutes.

Malware Detection

Proactively scans websites of any size, anywhere in the world, for malware infections and other threats, sending alerts to website owners. Enables businesses to scan and manage a large number of sites, preventing website black listing and brand reputation damage.


Enables online businesses of all sizes to scan their websites for the presence of malware, network and application vulnerabilities, as well as SSL certificate validation. Merchants can display the Qualys SECURE seal on their website, demonstrating to visitors that the company is committed to security.

down arrow

Core Services

Asset Tagging Icon

Asset Tagging &

Reporting and dashboards Icon

Reporting &

Questionnaires Icon

Questionnaires &

Fix it Icon

& Workflow

Big data Icon

Big Data Correlation
& Analytics Engine

Alerts Icon

Alerts &

Our Core Services enable integrated workflows, management and real-time analysis and reporting across all of our IT security and compliance solutions.

Asset Tagging and Management

Enables customers to easily identify, categorize and manage large numbers of assets in highly dynamic IT environments and automates the process of inventory management and hierarchical organization of IT assets.

Reporting and Dashboards

A highly configurable reporting engine that provides customers with reports and dashboards based on their roles and access privileges.

Questionnaires and Collaboration

A configurable workflow engine that enables customers to easily build questionnaires and capture existing business processes and workflows to evaluate controls and gather evidence to validate and document compliance.

Remediation and Workflow

An integrated workflow engine that allows customers to automatically generate helpdesk tickets for remediation and to manage compliance exceptions based on customer-defined policies, enabling subsequent review, commentary, tracking and escalation. This engine automatically distributes remediation tasks to IT administrators upon scan completion, tracks remediation progress and closes open tickets once patches are applied and remediation is verified in subsequent scans.

Big Data Correlation and Analytics Engine

Provides capabilities for indexing, searching and correlating large amounts of security and compliance data with other security incidents and third-party security intelligence data. Embedded workflows enable customers to quickly assess risk and access information for remediation, incident analysis and forensic investigations.

Alerts and Notifications

Creates email notifications to alert customers of new vulnerabilities, malware infections, scan completion, open trouble tickets and system updates.






Big Data Indexing
and Storage




Managed Scanner

Our infrastructure layer, which we refer to as our Infrastructure, includes the data, data processing capabilities, software and hardware infrastructure and infrastructure management capabilities that provide the foundation for our cloud platform and allow us to automatically scale our Infrastructure and Core Services to scan millions of IPs.

Scalable Capacity

Scalable Capacity

We have designed a modular and scalable infrastructure that leverages virtualization and cloud technologies. This allows our operations team to dynamically allocate additional capacity on-demand across our entire Qualys Cloud Platform to address the growth and scalability of our solutions.

Big Data Indexing and Storage

Big Data Indexing and Storage

Built on top of our secure data storage model, this engine indexes petabytes of data and uses this information in real-time to execute tags or rules to dynamically update IT assets’ properties, which are used in various workflows for scanning, reporting and remediation.

Qualys KnowledgeBase

Qualys KnowledgeBase

Qualys relies on our comprehensive repository, which we refer to as our KnowledgeBase, of known vulnerabilities and compliance controls for a wide range of devices, technologies and applications that powers our security and compliance scanning technology. We update our KnowledgeBase daily with signatures for new vulnerabilities, control checks, validated fixes and improvements.

Managed Scanner Appliances

Managed Scanner Appliances

As part of our cloud platform, we host and operate a large number of globally distributed physical scanner appliances that our customers use to scan their externally facing systems and web applications. To scan internal IT assets, customers can also deploy our scanners, which are available on a subscription basis as physical appliances or downloadable virtual images, within their internal networks. Our scanner appliances self-update daily in a transparent manner using our automated and proprietary scan management technology. These scanner appliances allow us to scale our cloud platform to scan networked devices and web applications across organizations’ networks around the world.

up arrow

Cloud Scanning Architecture

1+ Billion IP Scans/Audits Performed Yearly

99.99966% Six Sigma Scanning Accuracy Learn more

cloud scanning architecture

Perimeter Scanning

Qualys Internet Scanners

Qualys' Internet Scanners provide fast and efficient external scanning. Qualys hosts a collection of Internet Scanners optimized to scan publicly facing devices globally via the Internet. In this manner, Qualys scans and processes security audits in parallel for optimum speed of operations. The inference-based scanning engine employs an un-trusted approach for greater accuracy and scalability, delivering both accurate results and scalable performance.

Internal Scanning

Qualys Scanner Appliances

Qualys Scanners are appliance versions of the Internet Remote Scanners. Scanners enable customers to bring Qualys' assessment capabilities to their internal networks. Installed in minutes and requiring no maintenance by the user, the hardened Linux appliance needs no special firewall configurations to obtain updates and new vulnerability signatures and perform scan jobs, returning results securely over a standard SSL-encrypted channel.

scanner appliance
Qualys Virtual Scanner Appliances

Qualys’ software-based virtual scanner appliances are qualified to run on many of the most common virtualization and cloud platforms including VMware and Amazon EC2. These virtualized scanners supplement the current hardware-based Qualys Scanner Appliances. Like with the hardware-based scanners, customers can manage the virtual scanners from their Qualys accounts via a secure web interface, where all gathered scan data will be available for reporting and remediation. Installed in minutes and requiring no maintenance by the user, scanners needs no special configurations to obtain updates and new vulnerability signatures.

Cloud Platform Benefits

cloud icon

No Hardware to Buy or Maintain

There's nothing to install or manage. Support for operating and maintaining the solution falls squarely on Qualys.

shuttle globe icon

Global Deployment

Easily performs scans on geographically distributed and segmented networks both at the perimeter and behind the firewall.

dollar bill icon

Lower and Predictable TCO

Cloud Computing offers significant economic advantages with no capital expenditures, extra human resources or infrastructure or software to deploy and manage.

up-to-date icon

Comprehensive, Always Up-to-Date

Qualys has the largest KnowledgeBase of vulnerability signatures in the industry (18,000+) and performs over 1 billion IP scans/audits per year. Since Qualys is centrally managed, vulnerability and software updates are made in real-time. Learn more

highly scalable icon

Highly Scalable

Seamlessly add new coverage, users and services as you need them.

padlock icon

Data Security

Qualys provides secure storage and processing of vulnerability data on an n-tiered architecture of load-balanced application servers. High availability, continuously monitored safe datacenters host physically and logically secure databases with encrypted data storage.

Platform Delivery Options

Qualys Platform

Shared Cloud Service

The Qualys Multi-Tenant Shared Cloud Service is affordable and instantly available. Subscribers simply use the software, without the hassle and cost of owning and maintaining the software itself. Qualys subscription packages include:

Qualys Platform

Private Cloud

The Qualys Multi-Tenant Private Cloud Platform enables MSSPs, enterprises, and government agencies to deliver Qualys’ award-winning security and compliance solutions from your own datacenter, and retain full control of all the underlying security data.

Qualys Solutions
Qualys Community
Free Trial & Tools
Free Trial

Nothing to install or download!

1 (800) 745 4355