Qualys - Web & Network Vulnerability Management Solution

Company Description

Qualys specialises in asset discovery, network security, threat protection, compliance monitoring and web application security - all encompassed under a single Cloud Security Platform. Used by more than 8,800 customers in over 100 countries, including a majority of the Forbes Global 100, the Qualys Cloud Platform performs more than 3 billion IP scans/audits a year resulting in over 1 trillion security events.

Video: Qualys Introduction


Products Overview


Qualys provides a Cloud Security Platform, which provides the following:

Asset Discovery:

  • AssetView - Extremely scalable cloud-based asset inventory service that provides you with auto-updating, auto managing visibility and actionable data on global IT assets within your organization, including virtualized environments. 

Network Security:

  • Vulnerability Management - Provides highly accurate, continuous scanning to identify vulnerabilities with reporting, tracks them alongside the actions undertaken in an executive dashboard to better manage vulnerabilities within your systems.
  • Continuous Monitoring - Detects changes in your network via an up-to-date view of the entire organisation in a dashboard, working together with other modules such as the vulnerability management to provide truly proactive network security. 

Threat Protection:

  • ThreatPROTECT - Correlates external threat data against vulnerabilities within your internal system to identify and raise flags on assets which require attention.

Compliance Monitoring:

  • Policy Compliance - Draws from a built-in-library of regulations to set up policies which satisfy the selected regulations, scanning hosts in the network to ensure accurate configurations and provide remediations for compliance.
  • Security Assessment Questionaire - Enables you to collect and analyse data for uses such as risk assessment and audit management with an intuitive dashboard and flexible templates.
  • PCI Compliance - Provides an extremely cost-effective and highly-automated method to satisfy the PCI-DSS to secure payment cardholder information via four simple steps - Deploy, Scan, Remediate and Submit.
Web Application Security:
  • Web App Scanning - Utilised automated, dynamic deep scan techniques to discover and catalogue web applications within your network, identifying OWASP top 10 risks and hidden malware.
  • Web Application Firewall (WAF) - Couples up with the WAS to provide mitigation methods when threats are found, while complying to regulation such as the PCI-DSS which requires app firewalls for data leak protection and application control.
  • Malware Detection - With behavioural analysis to counter zero-day malware, regular scheduled scanning with email alerts for interactive reports, and a centralised management with various configurations, the Qualys MD enables you to protect your organisation and customers.
  • SECURE Seal - The only website secure testing service that provides a complete perimeter scanning malware, network and web application vulnerabilities, as well as SSL certificate validation, with a seal to prove to customers the high quality of security you employ.


For more references (DataSheets):
Malware Detection
PCI Compliance
Policy Compliance
Security Assessment Questionnaire

Video: The Next Generation Cloud Security and Compliance Platform


Qualys Blog:
Handling Cross-Site Scripting As Attacks Get More Sophisticated
How Ignoring Low-Level Security Risks Can Open the Door to Major Attacks
Copyright 2016 Ace Pacific Pte Ltd All rights reserved . Site by SGIHUB.