Qualys
Encyclopedia
Qualys, Inc. is the leading provider of software-as-a-service
(SaaS) IT security risk and compliance management solutions. Qualys' on demand security risk and compliance management solutions make it possible for organizations to strengthen the security of their networks and conduct automated security audits that ensure regulatory compliance and adherence to internal security policies. Qualys is the only security company that delivers these solutions through a single SaaS platform: QualysGuard. All of Qualys' on demand services can be deployed within hours anywhere around the globe, providing customers with an immediate view of their security and compliance postures. As a result, the service is used by more than 5,000 organizations in 85 countries, including 45 in the Fortune 100 and performs over 500 million IP audits per year. It is headquartered in Redwood Shores, California
, with international offices. Qualys was one of the first companies to act as SaaS provider (formerly known as ASP - Application Service Provider) as early a 1999 and to release REST-like (not REST-ful) HTTP API (2000).
Qualys witnessed its customers experiencing the on demand power and flexibility with the SaaS model compared to traditional enterprise software: lower total cost of ownership, the ability to access and manage the application from any Web browser, and never-before-seen access to new and upgraded applications - thanks to shorter SaaS development cycles that help address new and emerging security threats.
In 2005, Qualys extended its QualysGuard product line to help customers better manage IT compliance issues—which are inextricably intertwined with vulnerability management—including what has now become the Payment Card Industry Data Security Standard. Qualys’ move into IT compliance leverages and significantly aids its existing client base in such heavily regulated industries as financial services, retail, manufacturing, government, and health care. In 2008 Qualys introduced QualysGuard Policy Compliance which extends QualysGuard’s global scanning capabilities to collect IT compliance data from hosts and other assets within the organization, and maps this information into policies to document compliance with regulations and mandates. Qualys has continued to add new services to its platform for comprehensive security as a service. In 2008, Qualys launched Qualys- Guard Web Application Scanning (WAS). In 2010, Qualys launched QualysGuard Malware Detection, a free service helping organizations protect their web sites from malware and vulnerabilities, and Qualys BrowserCheck, providing a free tool for people to make sure their web browsers and plug-ins are up-to-date and secure.
SSL Labs - page with resources and free tools for assessing use of SSL
IronBee - open source project to build a universal web application firewall sensor in the cloud through collective efforts of the community
Software as a Service
Software as a service , sometimes referred to as "on-demand software," is a software delivery model in which software and its associated data are hosted centrally and are typically accessed by users using a thin client, normally using a web browser over the Internet.SaaS has become a common...
(SaaS) IT security risk and compliance management solutions. Qualys' on demand security risk and compliance management solutions make it possible for organizations to strengthen the security of their networks and conduct automated security audits that ensure regulatory compliance and adherence to internal security policies. Qualys is the only security company that delivers these solutions through a single SaaS platform: QualysGuard. All of Qualys' on demand services can be deployed within hours anywhere around the globe, providing customers with an immediate view of their security and compliance postures. As a result, the service is used by more than 5,000 organizations in 85 countries, including 45 in the Fortune 100 and performs over 500 million IP audits per year. It is headquartered in Redwood Shores, California
California
California is a state located on the West Coast of the United States. It is by far the most populous U.S. state, and the third-largest by land area...
, with international offices. Qualys was one of the first companies to act as SaaS provider (formerly known as ASP - Application Service Provider) as early a 1999 and to release REST-like (not REST-ful) HTTP API (2000).
Pioneer of On Demand Security: Security as a Service
Qualys was founded in 1999 at the height of the technology bubble, when network security was just beginning to appear on the agendas of executive management meetings around the globe. The company launched QualysGuard in December 2000, making Qualys among the first entrants in the vulnerability management market. QualysGuard moved to market with a powerful combination of highly accurate and easy-to-use scanning technology and pioneered a revolutionary new approach to delivering security applications through the Web, which would later be called "Software-as-a-Service."Qualys witnessed its customers experiencing the on demand power and flexibility with the SaaS model compared to traditional enterprise software: lower total cost of ownership, the ability to access and manage the application from any Web browser, and never-before-seen access to new and upgraded applications - thanks to shorter SaaS development cycles that help address new and emerging security threats.
In 2005, Qualys extended its QualysGuard product line to help customers better manage IT compliance issues—which are inextricably intertwined with vulnerability management—including what has now become the Payment Card Industry Data Security Standard. Qualys’ move into IT compliance leverages and significantly aids its existing client base in such heavily regulated industries as financial services, retail, manufacturing, government, and health care. In 2008 Qualys introduced QualysGuard Policy Compliance which extends QualysGuard’s global scanning capabilities to collect IT compliance data from hosts and other assets within the organization, and maps this information into policies to document compliance with regulations and mandates. Qualys has continued to add new services to its platform for comprehensive security as a service. In 2008, Qualys launched Qualys- Guard Web Application Scanning (WAS). In 2010, Qualys launched QualysGuard Malware Detection, a free service helping organizations protect their web sites from malware and vulnerabilities, and Qualys BrowserCheck, providing a free tool for people to make sure their web browsers and plug-ins are up-to-date and secure.
Products
The company’s flagship product line, the QualysGuard Security & Compliance Suite, uses the software-as-a-service (SaaS) model. It is available as an Enterprise Edition for large, distributed organizations, and as an Express Edition for small to mid-sized businesses. It is made up of these products:- QualysGuard Vulnerability Management - globally deployable, scalable security risk and vulnerability management
- QualysGuard Policy Compliance - defines, audits and documents for full IT security compliance
- QualysGuard PCI Compliance - automated PCI compliance validation for merchants and acquiring institutions
- QualysGuard Web Application Security - scalable, automated web application security assessment and reporting
- Free QualysGuard Malware Detection - performs daily scans of web sites and alerts web site owners of any malware issues
- Qualys SECURE Seal - allows businesses to scan web sites for presence of malware, network and web application vulnerabilities, as well as SSL certificate validation, and place a "Qualys SECURE" seal on their sites when secure
- Free Qualys BrowserCheck - free service allowing anyone to scan their browser and ensure their browsers and plug-ins are secure and up-to-date.
Other services
Qualys’ Vulnerability R&D Lab conducts a monthly, second-Tuesday videocast to discuss the vulnerabilities and threats present in Microsoft Windows.SSL Labs - page with resources and free tools for assessing use of SSL
IronBee - open source project to build a universal web application firewall sensor in the cloud through collective efforts of the community