
Qualys Enhances Continuous Monitoring Services

Qualys, a provider of cloud-based security and compliance solutions, announced enhancements to its Qualys Continuous Monitoring (CM) cloud service this week.

New features in the offering include automated alerts for changes in perimeter IP addresses, as well as a new API that enables integration of alerts into incident response systems and SIEMs such as Splunk and HP ArcSight.

Originally introduced in February 2014, Qualys Continuous Monitoring helps organizations proactively identify threats and unexpected changes in Internet-facing devices within their DMZ, cloud-based environments, and web applications.

Built on the Qualys Cloud Platform, Continuous Monitoring uses its elastic scanning capacity to dynamically scale to continuously scan networks of any size and scope, and instantly provide alerts as soon as an unauthorized change is detected.

“More and more customers are asking us to help them address ‘toxic combination’ type scenarios that can lead to compromises in their IT environments. An example of this could be a server that exhibits a combination of configurations or vulnerabilities that can make it susceptible to attacks,” said Philippe Courtot, Chairman and CEO of Qualys.

“Combining a continuous security approach that integrates alerts into the incident response system enables customers to quickly address potential toxic combinations by alerting them when a critical change suddenly appears in their environment,” Courtot continued. “These alerts help to direct the information to the hands of first responders so they can immediately address and mitigate risk within their global perimeter.”

Common Event Format (CEF) support is now included, Qualys said, which enables customers to send events in CEF to all popular SIEM and incident response products and to get email alerts delivered directly to their inbox.

In addition, the solution allows businesses to continuously monitor and respond to situations such as New Hosts, OS Changes on Existing Hosts, Open Ports/Services, SSL Certificates, Vulnerabilities Changes, and Software Changes.

“In an era of continuous compromise, enterprises need to shift from a mindset of ‘incident response’ – wherein incidents are thought of as occasional, one-off events – to a mindset of continuous response – wherein attacks are relentless, hackers’ ability to penetrate systems and information is never fully blocked, and systems must be assumed to be continuously compromised, and thus, they must be continuously monitored,” said Neil MacDonald, Vice President and Distinguished Analyst for Gartner.

Qualys Continuous Monitoring is available immediately and is sold via annual subscription, based on the number of perimeter IPs being monitored. Pricing starts at $295 for small businesses and $1,995 for larger enterprises.

Related Reading: Continuous Monitoring and the Confusion It Causes

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
