Search

See Resources

Qualys Cloud Platform

Continuous Visibility of Your Security & Compliance

Qualys world electrons
  • 3+ Billion

    IP Scans/Audits a Year

  • 99.9996%

    Six Sigma Scanning Accuracy

  • 1+ Trillion

    Security Events


Qualys' Unparalleled Accuracy

Qualys sensors, a core service of the Qualys Cloud Platform, make it easy to extend your security throughout your global enterprise. These sensors, which can be in the form of appliances or lightweight agents, are remotely deployable, centrally managed and self updating. They collect the data and automatically beam it up to the Qualys Cloud Platform, which has the computing power to continuously analyze and correlate the information in order to help you identify threats and eliminate vulnerabilities.

QUALYS SENSORS:

  • Internet Scanners icon Internet
    Scanners
  • Scanner Appliances Icon Scanner
    Appliances
  • Virtual Scanner Appliances Icon Virtual Scanner
    Appliances
  • Cloud Agents Icon Cloud
    Agents
ON PREMISES

Perimeter

  • Internet Scanners
  • Scanner Appliances
  • Virtual Scanner Appliances
  • Cloud Agents

Internal

  • Internet Scanners
  • Scanner Appliances
  • Virtual Scanner Appliances
  • Cloud Agents
CLOUDS Amazon, Azure, etc.

Perimeter

  • Internet Scanners
  • Scanner Appliances
  • Virtual Scanner Appliances
  • Cloud Agents

Internal

  • Internet Scanners
  • Scanner Appliances
  • Virtual Scanner Appliances
  • Cloud Agents
Internet Scanners Iocn Internet
Scanners
Scanner Appliances icon Scanner
Appliances
Virtual Scanner Appliances Icon Virtual Scanner
Appliances
Cloud Agents Icon Cloud
Agents
Internet Scanners Iocn

Qualys Internet Scanners

Internet Scanners provide fast and efficient external scanning including vulnerability scanning, compliance scanning and web application scanning. In this manner, Qualys scans and processes security audits in parallel for optimum speed of operations. The inference-based scanning engine employs an untrusted approach for accurate results, maximal coverage and scalable performance.

Scanner Appliances icon

Qualys Scanner Appliances

Scanner Appliances are hardware appliance versions of the Internet Scanners that bring Qualys' assessment capabilities to customers' internal networks. Installed in minutes and requiring no maintenance by the user, the hardened Linux appliance needs no special firewall configurations to obtain updates and new vulnerability signatures and perform scan jobs, returning results securely over a standard SSL-encrypted channel.

Virtual Scanner Appliances Icon

Qualys Virtual Scanner Appliances

Virtual Scanner Appliances are software-only scanner appliances that customers can deploy on their own internal infrastructure for maximum deployment flexibility. Virtual scanners are supported on many of the most common virtualization and cloud platforms including VMware, Amazon EC2 and Microsoft Azure. Like with the hardware-based scanners, customers can manage the virtual scanners from their Qualys accounts via a secure web interface, where all gathered scan data will be available for reporting and remediation. Installed in minutes and requiring no maintenance by the user, virtual scanner appliances needs no special configurations to obtain updates and new vulnerability signatures.

Cloud Agents Icon

Qualys Cloud Agents

Cloud Agents provide an entirely new security assessment platform that can scale to handle millions of devices. These lightweight agents (3MB) can be installed anywhere — including any host such as a laptop, desktop, server or virtual machine.

Qualys Cloud Agents extract and consolidate vulnerability and compliance data and update it continuously within the Qualys Cloud Platform for further analysis and correlation, thus providing a continuous view of the security compliance posture of the global network.

Multi-tenant Cloud Infrastructure

The Qualys Cloud Platform consists of a suite of IT security and compliance solutions
that leverage shared and extensible core services and a highly scalable multi-tenant
cloud infrastructure.

Dynamic Role-Based User Interface

Qualys screen shots

Qualys API

Integrated Suite

Qualys Asset View
Qualys Vulnerability Management
Qualys Continuous Monitoring
Qualys ThreatPROTECT
Qualys Policy Compliance
Qualys Security Assessment Questionnaire
Qualys PCI Compliance
Qualys Web Application Scanning
Qualys Web Application Firewall
Qualys Malware Detection
Qualys SECURE Seal

Built on top of Qualys' Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are delivered via the cloud; there is no new software to deploy or infrastructure to maintain. Each application leverages the same scan data.

AssetView

Is a cloud-based asset inventory service that lets you see and search millions of global IT assets, whether on premises, in the cloud or on mobile. Find devices, OSes, applications, services, ports, certificates and any endpoints that might be added to your network, in seconds. Upgrade for continuous security and compliance at any time.

Vulnerability Management

Automates the lifecycle of network auditing and vulnerability management across your global business. Gives you visibility into IT systems across your network, how they might be vulnerable to the latest Internet threats, and how to protect them.

Continuous Monitoring

Delivers a comprehensive, always-on view of potential security holes enabling organizations to immediately identify and proactively address potential threats before they turn into breaches. Allows you to catch unexpected hosts, expiring SSL certificates, open ports, severe vulnerabilities and undesired applications. Helps organizations identify the highest priority issues to enable fast and efficient mitigation and remediation.

ThreatPROTECT

Helps organizations visualize and prioritize their security threats at a glance. Correlates data from vulnerability scans and active threat data from multiple sources into a single dynamic dashboard to provide a holistic and contextual view of an organization’s threat exposure. Customers can take action to minimize exposure from vulnerabilities related to the threats that matter most.

Policy Compliance

Helps organizations pass security audits and document compliance tied to corporate security policies, laws and industry regulations, supporting the requirements of both internal and external auditors. Audits the configurations of your computers to see if they are enforcing password controls and other compliance policies.

Security Assessment Questionnaire

Centralizes and automates the gathering of risk data and compliance evidence from employees, partners, vendors and other subject matter experts. Frees organizations from manual, labor-intensive approaches (such as email and spreadsheets) so that all phases of their assessment programs can be managed efficiently and reliably online.

PCI Compliance

Provides small and medium-sized businesses with enterprise-level scanning and reporting that’s easy to implement and maintain. Enables large corporations to meet PCI compliance requirements for data protection on a global scale.

Web Application Scanning

Automatically discovers and catalogs all of your web applications and continuously performs comprehensive, accurate scans to uncover critical vulnerabilities such as SQL injection, Cross-Site Scripting, and website misconfigurations. It then automatically notifies the Qualys Web Application Firewall to deploy virtual patches so you can stop web attacks and prevent data breaches.

Web Application Firewall

Allows organizations to monitor all web pages visited by users and automatically share this information back to Qualys WAS to ensure that no page is missed. By tightly integrating the scan and the firewall, you can quickly block attacks on web app vulnerabilities, prevent disclosure of sensitive information, and control where and when your applications are accessed.

Malware Detection

Is a free service that proactively scans websites of any size, anywhere in the world, for malware infections and other threats, sending alerts to website owners. The enterprise edition with advanced reporting and notification options enables businesses to scan and manage a large number of sites, preventing website black listing and brand reputation damage.

SECURE Seal

Enables online businesses of all sizes to scan their websites for the presence of malware, network and application vulnerabilities, as well as SSL certificate validation. Once a website passes all four security scans, the service generates a Qualys SECURE seal for the merchant to display on their website, demonstrating to visitors that the company is committed to security.

down arrow
Qualys API

Core Services

Asset Tagging &
Management

Reporting &
Dashboards

Questionnaires &
Collaboration

Remediation
& Workflow

Big Data Correlation
& Analytics Engine

Alerts &
Notifications

Our Core Services enable integrated workflows, management and real-time analysis and reporting across all of our IT security and compliance solutions.

Asset Tagging and Management

Enables customers to easily identify, categorize and manage large numbers of assets in highly dynamic IT environments and automates the process of inventory management and hierarchical organization of IT assets.

Reporting and Dashboards

A highly configurable reporting engine that provides customers with reports and dashboards based on their roles and access privileges.

Questionnaires and Collaboration

A configurable workflow engine that enables customers to easily build questionnaires and capture existing business processes and workflows to evaluate controls and gather evidence to validate and document compliance.

Remediation and Workflow

An integrated workflow engine that allows customers to automatically generate helpdesk tickets for remediation and to manage compliance exceptions based on customer-defined policies, enabling subsequent review, commentary, tracking and escalation. This engine automatically distributes remediation tasks to IT administrators upon scan completion, tracks remediation progress and closes open tickets once patches are applied and remediation is verified in subsequent scans.

Big Data Correlation and Analytics Engine

Provides capabilities for indexing, searching and correlating large amounts of security and compliance data with other security incidents and third-party security intelligence data. Embedded workflows enable customers to quickly assess risk and access information for remediation, incident analysis and forensic investigations.

Alerts and Notifications

Creates email notifications to alert customers of new vulnerabilities, malware infections, scan completion, open trouble tickets and system updates.

Qualys API

Infrastructure

disc

Scalable
Capacity

disc

Big Data Indexing
and Storage

disc

Qualys
KnowledgeBase

disc

Managed Scanner
Appliances

Our infrastructure layer, which we refer to as our Infrastructure, includes the data, data processing capabilities, software and hardware infrastructure and infrastructure management capabilities that provide the foundation for our cloud platform and allow us to automatically scale our Infrastructure and Core Services to scan millions of IPs.

Scalable Capacity

Scalable Capacity

We have designed a modular and scalable infrastructure that leverages virtualization and cloud technologies. This allows our operations team to dynamically allocate additional capacity on-demand across our entire Qualys Cloud Platform to address the growth and scalability of our solutions.

Big Data Indexing and Storage

Big Data Indexing and Storage

Built on top of our secure data storage model, this engine indexes petabytes of data and uses this information in real-time to execute tags or rules to dynamically update IT assets' properties, which are used in various workflows for scanning, reporting and remediation.

Qualys KnowledgeBase

Qualys KnowledgeBase

Qualys relies on our comprehensive repository, which we refer to as our KnowledgeBase, of known vulnerabilities and compliance controls for a wide range of devices, technologies and applications that powers our security and compliance scanning technology. We update our KnowledgeBase daily with signatures for new vulnerabilities, control checks, validated fixes and improvements.

Managed Scanner Appliances

Managed Sensors

As a core service of our cloud platform, Qualys sensors make it easy to extend security through your globally distributed environment. These sensors, which can be in the form of appliances or lightweight agents, are remotely deployable, centrally managed and self updating. To scan externally facing systems and web applications, we host and operate a large number of globally distributed physical scanner appliances. To scan internal IT assets, customers can also deploy our scanners, which are available on a subscription basis as physical appliances or downloadable virtual images, within their internal networks. Qualys Cloud Agents can be installed anywhere — including any host such as a laptop, desktop, server or virtual machine. Qualys Cloud Agents extract and consolidate vulnerability and compliance data and update it continuously within the Qualys Cloud Platform for further analysis and correlation, thus providing a continuous view of the security compliance posture of the global network. Our cloud agents and scanner appliances self-update daily in a transparent manner using our automated and proprietary scan management technology. These sensors allow us to scale our cloud platform to continuously scan networked devices and web applications across organizations' networks around the world.

up arrow

Cloud Platform Benefits

No Hardware to Buy or Maintain

There's nothing to install or manage. Support for operating and maintaining the solution falls squarely on Qualys.

Global Deployment

Easily performs scans on geographically distributed and segmented networks both at the perimeter, behind the firewall, on dynamic cloud environments and endpoints.

Lower and Predictable TCO

Cloud Computing offers significant economic advantages with no capital expenditures, extra human resources or infrastructure or software to deploy and manage.

Comprehensive, Always Up-to-Date

Qualys has the largest KnowledgeBase of vulnerability signatures in the industry (25,000+) and performs over 3 billion IP scans/audits per year. Since Qualys is centrally managed, vulnerability and software updates are made in real time. Learn more

Highly Scalable

Seamlessly add new coverage, users and services as you need them.

Data Security

Qualys provides secure storage and processing of vulnerability data on an n-tiered architecture of load-balanced application servers. High availability, continuously monitored safe datacenters host physically and logically secure databases with encrypted data storage.

Platform Delivery Options

Multi-Tenant

Shared Cloud Service

The Qualys Multi-Tenant Shared Cloud Service is affordable and instantly available. Subscribers simply use the software, without the hassle and cost of owning and maintaining the software itself. Qualys subscription packages include:

Private Cloud

Private Cloud

The Qualys Private Cloud Platform enables MSSPs, enterprises, and government agencies to deliver Qualys' award-winning security and compliance solutions from your own datacenter, and retain full control of all the underlying security data.

Email or call us at +1 800 745 4355 or try our Global Contacts
Subscription Packages
Qualys Solutions
Qualys Community
Company
Free Trial & Tools
Popular Topics