Qualys Cloud Platform
A Continuous View of Your Security & Compliance
Dynamic Role-Based User Interface
Built on top of Qualys’ Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are delivered via the cloud; there is no new software to deploy or infrastructure to maintain. Each application leverages the same scan data.
Delivers immediate alerts whenever threats or unexpected changes are found in an organization’s Internet perimeter – before they turn into breaches.
Discovers all devices and applications across the network, at the same time identifying and mitigating the vulnerabilities that make network attacks possible.
Helps organizations pass security audits and document compliance tied to corporate security policies, laws, and industry regulations, supporting the requirements of both internal and external auditors.
Centralizes and automates the gathering of risk data and compliance evidence from employees, partners, vendors and other subject matter experts.
Provides small and medium-sized businesses with enterprise-level scanning and reporting that’s easy to implement and maintain, and enabling large corporations to meet PCI compliance requirements for data protection on a global scale.
Provides automated crawling and testing for custom web applications to identify vulnerabilities including for cross-site scripting and SQL injection. The automated service enables regular testing that produces consistent results, reduces false positives, and easily scales to secure large numbers of websites.
Protects websites against attacks on server vulnerabilities and web app defects. Brings Cloud scalability and simplicity that make it possible to strongly secure web apps against Cross-Site Scripting (XSS), SQL injection, corrupted requests and other attacks in less than 30 minutes.
Proactively scans websites of any size, anywhere in the world, for malware infections and other threats, sending alerts to website owners. Enables businesses to scan and manage a large number of sites, preventing website black listing and brand reputation damage.
Enables online businesses of all sizes to scan their websites for the presence of malware, network and application vulnerabilities, as well as SSL certificate validation. Merchants can display the Qualys SECURE seal on their website, demonstrating to visitors that the company is committed to security.
Asset Tagging &
Big Data Correlation
& Analytics Engine
Our Core Services enable integrated workflows, management and real-time analysis and reporting across all of our IT security and compliance solutions.
Asset Tagging and Management
Enables customers to easily identify, categorize and manage large numbers of assets in highly dynamic IT environments and automates the process of inventory management and hierarchical organization of IT assets.
Reporting and Dashboards
A highly configurable reporting engine that provides customers with reports and dashboards based on their roles and access privileges.
Questionnaires and Collaboration
A configurable workflow engine that enables customers to easily build questionnaires and capture existing business processes and workflows to evaluate controls and gather evidence to validate and document compliance.
Remediation and Workflow
An integrated workflow engine that allows customers to automatically generate helpdesk tickets for remediation and to manage compliance exceptions based on customer-defined policies, enabling subsequent review, commentary, tracking and escalation. This engine automatically distributes remediation tasks to IT administrators upon scan completion, tracks remediation progress and closes open tickets once patches are applied and remediation is verified in subsequent scans.
Big Data Correlation and Analytics Engine
Provides capabilities for indexing, searching and correlating large amounts of security and compliance data with other security incidents and third-party security intelligence data. Embedded workflows enable customers to quickly assess risk and access information for remediation, incident analysis and forensic investigations.
Alerts and Notifications
Creates email notifications to alert customers of new vulnerabilities, malware infections, scan completion, open trouble tickets and system updates.
Big Data Indexing
Our infrastructure layer, which we refer to as our Infrastructure, includes the data, data processing capabilities, software and hardware infrastructure and infrastructure management capabilities that provide the foundation for our cloud platform and allow us to automatically scale our Infrastructure and Core Services to scan millions of IPs.
We have designed a modular and scalable infrastructure that leverages virtualization and cloud technologies. This allows our operations team to dynamically allocate additional capacity on-demand across our entire Qualys Cloud Platform to address the growth and scalability of our solutions.
Big Data Indexing and Storage
Built on top of our secure data storage model, this engine indexes petabytes of data and uses this information in real-time to execute tags or rules to dynamically update IT assets’ properties, which are used in various workflows for scanning, reporting and remediation.
Qualys relies on our comprehensive repository, which we refer to as our KnowledgeBase, of known vulnerabilities and compliance controls for a wide range of devices, technologies and applications that powers our security and compliance scanning technology. We update our KnowledgeBase daily with signatures for new vulnerabilities, control checks, validated fixes and improvements.
As a core service of our cloud platform, Qualys sensors make it easy to extend security through your globally distributed environment. These sensors, which can be in the form of appliances or lightweight agents, are remotely deployable, centrally managed and self updating. To scan externally facing systems and web applications, we host and operate a large number of globally distributed physical scanner appliances. To scan internal IT assets, customers can also deploy our scanners, which are available on a subscription basis as physical appliances or downloadable virtual images, within their internal networks. Qualys Cloud Agents can be installed anywhere — including any host such as a laptop, desktop, server or virtual machine. Qualys Cloud Agents extract and consolidate vulnerability and compliance data and update it continuously within the Qualys Cloud Platform for further analysis and correlation, thus providing a continuous view of the security compliance posture of the global network. Our cloud agents and scanner appliances self-update daily in a transparent manner using our automated and proprietary scan management technology. These sensors allow us to scale our cloud platform to continuously scan networked devices and web applications across organizations’ networks around the world.
Cloud Scanning Architecture
1+ Billion IP Scans/Audits a Year Resulting in 400+ Billion Security Events
98% Uptime and Availability
99.99966% Six Sigma Scanning Accuracy
Qualys sensors, a core service of the Qualys Cloud Plaform, make it easy to extend your security throughout your global enterprise. These sensors, which can be in the form of appliances or lightweight agents, are remotely deployable, centrally managed and self updating. They collect the data and automatically beam it up to the Qualys Cloud Platform, which has the computing power to continuously analyze and correlate the information in order to help you identify threats and eliminate vulnerabilities.
Qualys Internet Scanners
Qualys' Internet Scanners provide fast and efficient external scanning. Qualys hosts a collection of Internet Scanners optimized to scan publicly facing devices globally via the Internet. In this manner, Qualys scans and processes security audits in parallel for optimum speed of operations. The inference-based scanning engine employs an un-trusted approach for greater accuracy and scalability, delivering both accurate results and scalable performance.
Perimeter & Internal Scanning
Qualys Cloud Agents
Qualys Cloud Agents provide an entirely new security assessment platform that can scale to handle millions of devices. These lightweight agents (1MB) can be installed anywhere — including any host such as a laptop, desktop, server or virtual machine. Qualys Cloud Agents extract and consolidate vulnerability and compliance data and update it continuously within the Qualys Cloud Platform for further analysis and correlation, thus providing a continuous view of the security compliance posture of the global network. The cloud agents are deployed via a compact agent installer that can be embedded in system images, deployed with Group Policy, or simply run from the command line. The agent consumes very little CPU resources, ranging from 5% at peak to less than 2% in normal operation. Once installed, the agent will take a full assessment of its host while running in the background, and send that assessment snapshot back to the Qualys Cloud Platform for evaluation.
Qualys Scanner Appliances
Qualys Scanners are appliance versions of the Internet Remote Scanners. Scanners enable customers to bring Qualys' assessment capabilities to their internal networks. Installed in minutes and requiring no maintenance by the user, the hardened Linux appliance needs no special firewall configurations to obtain updates and new vulnerability signatures and perform scan jobs, returning results securely over a standard SSL-encrypted channel.
Qualys Virtual Scanner Appliances
Qualys’ software-based virtual scanner appliances are qualified to run on many of the most common virtualization and cloud platforms including VMware and Amazon EC2. These virtualized scanners supplement the current hardware-based Qualys Scanner Appliances. Like with the hardware-based scanners, customers can manage the virtual scanners from their Qualys accounts via a secure web interface, where all gathered scan data will be available for reporting and remediation. Installed in minutes and requiring no maintenance by the user, scanners needs no special configurations to obtain updates and new vulnerability signatures.
Cloud Platform Benefits
No Hardware to Buy or Maintain
There's nothing to install or manage. Support for operating and maintaining the solution falls squarely on Qualys.
Easily performs scans on geographically distributed and segmented networks both at the perimeter and behind the firewall.
Lower and Predictable TCO
Cloud Computing offers significant economic advantages with no capital expenditures, extra human resources or infrastructure or software to deploy and manage.
Comprehensive, Always Up-to-Date
Qualys has the largest KnowledgeBase of vulnerability signatures in the industry (18,000+) and performs over 1 billion IP scans/audits per year. Since Qualys is centrally managed, vulnerability and software updates are made in real-time. Learn more
Seamlessly add new coverage, users and services as you need them.
Qualys provides secure storage and processing of vulnerability data on an n-tiered architecture of load-balanced application servers. High availability, continuously monitored safe datacenters host physically and logically secure databases with encrypted data storage.