Prevent, detect and respond to threats. Get full visibility of and control over the security of your on-premises and public cloud resources.
Works across all environments – on-premises systems, mobile endpoints and public cloud environments such as those from Microsoft, Google, Amazon and others.
Qualys is the market leader in vulnerability management and trusted by the majority of the Forbes Global 100.
Qualys is a pioneer in Cloud Computing and uniquely experienced to secure other cloud platforms.
Qualys consolidates 10 enterprise security and compliance solutions and drastically reduces your TCO.
Integration with Amazon Web Services EC2
Our Amazon partnership lets you use the Qualys Cloud Platform to gain a continuous, integrated view of the security and compliance posture of your AWS EC2 instances.
Qualys' native integration with AWS allows you to:
Perform automated EC2 inventory discovery using the native Qualys Connector for AWS.
Do internal scanning using Qualys’ Virtual Scanner Appliance deployed on Amazon EC2 Classic or VPC or Qualys Cloud agents on the EC2 instances.
Conduct perimeter scanning of public facing instances in Amazon EC2 from Qualys Internet Remote Scanners.
Utilize our Qualys Web Application Firewall (WAF) to protect your applications from attacks and data breaches.
Discovery and Scanning with Qualys Integration
Asset Discovery and Tracking
The Connector for Amazon continuously discovers Amazon EC2 and VPC assets using an Amazon API integration. Connectors may be configured to connect to one or more Amazon accounts so they can automatically detect and synchronize changes to virtual machine instance inventories from all Amazon EC2 Regions and Amazon VPCs.
Internal Network Scanning
By deploying a Qualys Virtual Scanner Appliance onto Amazon EC2 Classic or VPC, cloud instances become targetable at their private network address. This appliance provides the same capabilities as our regular scanner appliance and supports all AWS commercial regions and a selection of compute instance sizes. The appliance, a stateless resource, acts as an extension of the Qualys Cloud Platform and is not a separately managed entity.
A new EC2 Scanning capability within Qualys Vulnerability Management ensures that all Amazon scanning policies will be followed and that scanning will not inadvertently target other Amazon customers’ EC2 or VPC instances. Instances are targeted by their Amazon Instance ID, and Qualys communicates with Amazon APIs to confirm each instance’s current IP address. This negates the need to obtain explicit permission from Amazon before proceeding as is typically required. The pre-authorized scanners are available as AMIs (Amazon Machine Images) in the marketplace.
Qualys Cloud Agents are lightweight and can be deployed on your EC2 instances directly or embedded at the source, into AMIs. With our Cloud Agents you can perform vulnerability management and policy compliance in real time, eliminating the need to schedule scan windows or manage credentials for scanning.
All Public and Elastic IP addresses and public URLs may be targeted using Qualys Internet Remote Scanners, deployed in Qualys data centers and available as part of standard Qualys services.
See deployment details in the Help Center for Amazon Web Services.