See Resources

Qualys Cloud Platform

A Continuous View of Your Security & Compliance

star flare Qualys world electrons

The Qualys Cloud Platform consists of a suite of IT security and compliance solutions that leverage shared and extensible core services and a highly scalable multi-tenant cloud infrastructure.

Qualys Corporate Video

Dynamic Role-Based User Interface

Qualys screen shots

Qualys API

Integrated Suite












Web App


Web App





Built on top of Qualys' Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are delivered via the cloud; there is no new software to deploy or infrastructure to maintain. Each application leverages the same scan data.

Continuous Monitoring

Delivers immediate alerts whenever threats or unexpected changes are found in an organization's Internet perimeter – before they turn into breaches.

Vulnerability Management

Discovers all devices and applications across the network, at the same time identifying and mitigating the vulnerabilities that make network attacks possible.

Policy Compliance

Helps organizations pass security audits and document compliance tied to corporate security policies, laws, and industry regulations, supporting the requirements of both internal and external auditors.

Security Assessment Questionnaire

Expands the scope of risk and compliance data beyond technical vulnerabilities to verify that third-party vendors are in compliance with emerging regulatory requirements.

PCI Compliance

Provides small and medium-sized businesses with enterprise-level scanning and reporting that's easy to implement and maintain, and enabling large corporations to meet PCI compliance requirements for data protection on a global scale.

Web Application Scanning

Provides automated crawling and testing for custom web applications to identify vulnerabilities including for cross-site scripting and SQL injection. The automated service enables regular testing that produces consistent results, reduces false positives, and easily scales to secure large numbers of websites.

Web Application Firewall

Protects websites against attacks on server vulnerabilities and web app defects. Brings Cloud scalability and simplicity that make it possible to strongly secure web apps against Cross-Site Scripting (XSS), SQL injection, corrupted requests and other attacks in less than 30 minutes.

Malware Detection

Proactively scans websites of any size, anywhere in the world, for malware infections and other threats, sending alerts to website owners. Enables businesses to scan and manage a large number of sites, preventing website black listing and brand reputation damage.


Enables online businesses of all sizes to scan their websites for the presence of malware, network and application vulnerabilities, as well as SSL certificate validation. Merchants can display the Qualys SECURE seal on their website, demonstrating to visitors that the company is committed to security.

down arrow

Core Services

Asset Tagging Icon

Asset Tagging &

Reporting and dashboards Icon

Reporting &

Questionnaires Icon

Questionnaires &

Fix it Icon

& Workflow

Big data Icon

Big Data Correlation
& Analytics Engine

Alerts Icon

Alerts &

Our Core Services enable integrated workflows, management and real-time analysis and reporting across all of our IT security and compliance solutions.

Asset Tagging and Management

Enables customers to easily identify, categorize and manage large numbers of assets in highly dynamic IT environments and automates the process of inventory management and hierarchical organization of IT assets.

Reporting and Dashboards

A highly configurable reporting engine that provides customers with reports and dashboards based on their roles and access privileges.

Questionnaires and Collaboration

A configurable workflow engine that enables customers to easily build questionnaires and capture existing business processes and workflows to evaluate controls and gather evidence to validate and document compliance.

Remediation and Workflow

An integrated workflow engine that allows customers to automatically generate helpdesk tickets for remediation and to manage compliance exceptions based on customer-defined policies, enabling subsequent review, commentary, tracking and escalation. This engine automatically distributes remediation tasks to IT administrators upon scan completion, tracks remediation progress and closes open tickets once patches are applied and remediation is verified in subsequent scans.

Big Data Correlation and Analytics Engine

Provides capabilities for indexing, searching and correlating large amounts of security and compliance data with other security incidents and third-party security intelligence data. Embedded workflows enable customers to quickly assess risk and access information for remediation, incident analysis and forensic investigations.

Alerts and Notifications

Creates email notifications to alert customers of new vulnerabilities, malware infections, scan completion, open trouble tickets and system updates.






Big Data Indexing
and Storage




Managed Scanner

Our infrastructure layer, which we refer to as our Infrastructure, includes the data, data processing capabilities, software and hardware infrastructure and infrastructure management capabilities that provide the foundation for our cloud platform and allow us to automatically scale our Infrastructure and Core Services to scan millions of IPs.

Scalable Capacity

Scalable Capacity

We have designed a modular and scalable infrastructure that leverages virtualization and cloud technologies. This allows our operations team to dynamically allocate additional capacity on-demand across our entire Qualys Cloud Platform to address the growth and scalability of our solutions.

Big Data Indexing and Storage

Big Data Indexing and Storage

Built on top of our secure data storage model, this engine indexes petabytes of data and uses this information in real-time to execute tags or rules to dynamically update IT assets' properties, which are used in various workflows for scanning, reporting and remediation.

Qualys KnowledgeBase

Qualys KnowledgeBase

Qualys relies on our comprehensive repository, which we refer to as our KnowledgeBase, of known vulnerabilities and compliance controls for a wide range of devices, technologies and applications that powers our security and compliance scanning technology. We update our KnowledgeBase daily with signatures for new vulnerabilities, control checks, validated fixes and improvements.

Managed Scanner Appliances

Managed Sensors

As a core service of our cloud platform, Qualys sensors make it easy to extend security through your globally distributed environment. These sensors, which can be in the form of appliances or lightweight agents, are remotely deployable, centrally managed and self updating. To scan externally facing systems and web applications, we host and operate a large number of globally distributed physical scanner appliances. To scan internal IT assets, customers can also deploy our scanners, which are available on a subscription basis as physical appliances or downloadable virtual images, within their internal networks. Qualys Cloud Agents can be installed anywhere — including any host such as a laptop, desktop, server or virtual machine. Qualys Cloud Agents extract and consolidate vulnerability and compliance data and update it continuously within the Qualys Cloud Platform for further analysis and correlation, thus providing a continuous view of the security compliance posture of the global network. Our cloud agents and scanner appliances self-update daily in a transparent manner using our automated and proprietary scan management technology. These sensors allow us to scale our cloud platform to continuously scan networked devices and web applications across organizations' networks around the world.

up arrow

Cloud Scanning Architecture

3+ Billion IP Scans/Audits a Year Resulting in 1 Trillion Security Events

99.5% Uptime and Availability

99.99966% Six Sigma Scanning Accuracy

Learn more

Qualys sensors, a core service of the Qualys Cloud Platform, make it easy to extend your security throughout your global enterprise. These sensors, which can be in the form of appliances or lightweight agents, are remotely deployable, centrally managed and self updating. They collect the data and automatically beam it up to the Qualys Cloud Platform, which has the computing power to continuously analyze and correlate the information in order to help you identify threats and eliminate vulnerabilities.

Perimeter Scanning

Qualys Internet Scanners

Qualys' Internet Scanners provide fast and efficient external scanning. Qualys hosts a collection of Internet Scanners optimized to scan publicly facing devices globally via the Internet. In this manner, Qualys scans and processes security audits in parallel for optimum speed of operations. The inference-based scanning engine employs an un-trusted approach for greater accuracy and scalability, delivering both accurate results and scalable performance.

Perimeter & Internal Scanning

Qualys Cloud Agents

Qualys Cloud Agents provide an entirely new security assessment platform that can scale to handle millions of devices. These lightweight agents (3MB) can be installed anywhere — including any host such as a laptop, desktop, server or virtual machine. Qualys Cloud Agents extract and consolidate vulnerability and compliance data and update it continuously within the Qualys Cloud Platform for further analysis and correlation, thus providing a continuous view of the security compliance posture of the global network.

CA video

Internal Scanning

Qualys Scanner Appliances

Qualys Scanners are appliance versions of the Internet Remote Scanners. Scanners enable customers to bring Qualys' assessment capabilities to their internal networks. Installed in minutes and requiring no maintenance by the user, the hardened Linux appliance needs no special firewall configurations to obtain updates and new vulnerability signatures and perform scan jobs, returning results securely over a standard SSL-encrypted channel.

scanner appliance
Qualys Virtual Scanner Appliances

Qualys' software-based virtual scanner appliances are qualified to run on many of the most common virtualization and cloud platforms including VMware and Amazon EC2. These virtualized scanners supplement the current hardware-based Qualys Scanner Appliances. Like with the hardware-based scanners, customers can manage the virtual scanners from their Qualys accounts via a secure web interface, where all gathered scan data will be available for reporting and remediation. Installed in minutes and requiring no maintenance by the user, scanners needs no special configurations to obtain updates and new vulnerability signatures.

Cloud Platform Benefits

cloud icon

No Hardware to Buy or Maintain

There's nothing to install or manage. Support for operating and maintaining the solution falls squarely on Qualys.

shuttle globe icon

Global Deployment

Easily performs scans on geographically distributed and segmented networks both at the perimeter, behind the firewall, on dynamic cloud environments and endpoints.

dollar bill icon

Lower and Predictable TCO

Cloud Computing offers significant economic advantages with no capital expenditures, extra human resources or infrastructure or software to deploy and manage.

up-to-date icon

Comprehensive, Always Up-to-Date

Qualys has the largest KnowledgeBase of vulnerability signatures in the industry (25,000+) and performs over 3 billion IP scans/audits per year. Since Qualys is centrally managed, vulnerability and software updates are made in real-time. Learn more

highly scalable icon

Highly Scalable

Seamlessly add new coverage, users and services as you need them.

padlock icon

Data Security

Qualys provides secure storage and processing of vulnerability data on an n-tiered architecture of load-balanced application servers. High availability, continuously monitored safe datacenters host physically and logically secure databases with encrypted data storage.

Platform Delivery Options


Shared Cloud Service

The Qualys Multi-Tenant Shared Cloud Service is affordable and instantly available. Subscribers simply use the software, without the hassle and cost of owning and maintaining the software itself. Qualys subscription packages include:

Private Cloud

Private Cloud

The Qualys Private Cloud Platform enables MSSPs, enterprises, and government agencies to deliver Qualys' award-winning security and compliance solutions from your own datacenter, and retain full control of all the underlying security data.

Email or call us at +1 800 745 4355 or try our Global Contacts
Subscription Packages
Qualys Solutions
Qualys Community
Free Trial & Tools
Popular Topics