Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Qualys Pushes Major Enhancements to its Flagship QualysGuard Suite

SAN FRANCISCO – RSA CONFERENCE 2012 – Qualys has a history of making major product announcements at the RSA Conference in San Francisco each year, and this year is no exception. The company, based just miles away in Redwood Shores, today introduced significant enhancements to its flagship QualysGuard suite of applications for security and compliance.

The company’s cloud-based QualysGuard service adds the following new features and enhancements as announced today at the RSA Conference:

SAN FRANCISCO – RSA CONFERENCE 2012 – Qualys has a history of making major product announcements at the RSA Conference in San Francisco each year, and this year is no exception. The company, based just miles away in Redwood Shores, today introduced significant enhancements to its flagship QualysGuard suite of applications for security and compliance.

The company’s cloud-based QualysGuard service adds the following new features and enhancements as announced today at the RSA Conference:

Zero-Day Risk Analyzer Module – Powered by VeriSign’s iDefense zero-day security intelligence services, this new addition to QualysGuard allows customers to analyze zero-day threats and estimate their impact on their IT infrastructures and critical systems based on information collected from previous scan results.

QualysNew Enterprise Asset Management Technology – Allows customers to tag assets dynamically based on scan results and to categorize assets in a hierarchical manner to keep pace with changing environments. Tags can then be used in all workflows including scanning, reporting or assigning security and access to assets.

Customizable Questionnaires Service for IT- GRC – Extends the QualysGuard Cloud Platform’s policy compliance capabilities to automate manual control assessments with a customizable questionnaire based on a repository of nearly 1,000 pre-mapped policy documents via the Unified Compliance Framework. Workflows are also provided out-of-the-box that can be tailored to fit business processes.

Enterprise Edition of Its Malware Detection Service – Built on the same platform as its free Malware Detection service, the enterprise version will allow customers to identify malware on multiple Web Sites and automatically receive alerts with steps that can be taken to address threats when malware is discovered. The system is capable of producing reports and analysis including payload collection, block-level isolation and render and execution timelines for detected malware, helps users to further isolate each malware and resolve it quickly. The service is available immediately in the U.S. and Europe and pricing starts at $249.00 per site per year.

Virtualized Scanner Appliances Now Available – Customers can deploy virtual scanner appliances in various modes – on laptops for mobile consultants, in data centers for enterprise scanning and in the Amazon EC2 and VPC platforms for cloud deployments.

Qualys also unveiled a forthcoming Web Application Firewall (WAF) designed to help protect web sites from malicious requests and a range of online threats from spammers to SQL injection and DDoS attacks. The offering will include real-time attack prevention by making use of a database of security heuristics with IP reputation, geolocation awareness, traffic analysis, and protocol and user agent analysis. These products focus on classes of ‘self-inflicted’ vulnerabilities commonly found in commercial Web applications or in custom-developed code, such as cross-site scripting, command injection, directory traversal and other common exploits. The company said its WAF will launch in limited beta during Q2 2012.

Advertisement. Scroll to continue reading.

“Our cloud platform allows us to bring new functionalities to our customers at a much faster pace than traditional enterprise software, and makes them accessible in a unified manner. As importantly, the cloud model permits us to correlate information more effectively and in near real-time,” said Philippe Courtot, chairman and CEO of Qualys.

Qualys counts more than 5,500 organizations in 85 countries as customers, and performs more than 500 million IP audits per year.

The company will unveil its latest innovations tonight at booth #1431 at 7 p.m. PT at the RSA Conference in San Francisco.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Staying the course and sticking to strategic goals allows security professionals to steadily and continually improve the security posture of their organization without allowing distractions to divert precious resources away from more important tasks.

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

ICS/OT

Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).

ICS/OT

Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.