Qualys

Asset tagging and management 

Identify, categorize and manage large numbers of assets in dynamic IT environments and automate inventory management processes.

Reporting and dashboards

A configurable reporting engine that provides dashboard reports and based on roles and access privileges.

Questionnaires and collaboration

A configurable workflow engine that enables the easy build of questionnaires to capture existing business processes and workflows to evaluate controls and gather evidence to validate and document compliance.

Remediation and workflow

An integrated workflow engine that automatically generates helpdesk tickets for remediation and manages compliance exceptions based on customer-defined policies. This enables subsequent review, commentary, tracking and escalation. It also automatically distributes remediation tasks to IT administrators upon scan completion, tracks remediation progress and closes open tickets once patches are applied and remediation is verified in subsequent scans.

Big data correlation and analytics engine

Index, search and correlate large amounts of security and compliance data with other security incidents and data. Embed workflows that enable users to quickly assess risk and access information for remediation, incident analysis and forensic investigations.

Alerts and notifications

Creates email notification alerts of new vulnerabilities, malware infections, scan completions, open trouble tickets and system updates.

Built on top of Qualys’ Infrastructure and core services, the Qualys Cloud Suite incorporates the following applications, delivered via the cloud.

Asset discovery

Find and catalogue all your IT assets wherever they reside.

Qualys’ Asset View (AV) module consolidates all asset details in a centralized browser-based, customizable dashboard. It gives organizations a real-time view of their increasingly distributed and varied IT environments, so they know where assets are located, who manages them and what security risks they carry.

This inventory is updated in real time without the need for proactive polling.

Network security

Qualys provides full visibility of IT assets across all networks — on premises, in the cloud and on mobile endpoints — to highlight how they might be vulnerable and facilitate with protection.

• Qualys Vulnerability Management (VM) continuously identifies exposures so organizations can defend themselves against attacks wherever and whenever they appear
• Qualys Continuous Monitoring (CM) alerts in real time about network irregularities, such as new hosts/operating systems, expiring certificates, unexpected open ports and unauthorized software

Threat protection

Prioritize vulnerability remediation work with Qualys Threat Protect.

Qualys addresses the overload of vulnerability and threat disclosure by automating the large-scale and continuous data analysis that the process demands.

Qualys continuously correlates real-time threat information against vulnerabilities and IT your asset inventory, giving a clear and comprehensive view of your organization’s threat landscape.

Compliance monitoring

Qualys' compliance monitoring solutions automate the complex task of assessing procedural and technical controls for vendor risk management, internal IT compliance, and general best practices for securing IT systems.

• The Policy Compliance (PC) module performs security configuration assessments on IT systems throughout the network
• The PCI module checks specifically for compliance with the Payment Card Industry Data Security Standard (PCI DSS), including the requirement for organizations to maintain secure web applications
• The Security Assessment Questionnaire (SAQ) streamlines an organization’s vendor risk management process, including the design, distribution, tracking, aggregation and management of multiple internal and external risk assessment surveys from a web-based central console

Web app scanning

Boost web app security with Qualys' cloud-based, integrated solutions.Qualys automates web app security, shields web servers from hackers, gets rid of malware from websites and makes the software development lifecycle more secure.

• Qualys Web Application Scanning (WAS) crawls and tests custom web applications to identify vulnerabilities, while its extensive APIs let users integrate scan data with other security systems
• Qualys Web Application Firewall (WAF) blocks attacks on web server vulnerabilities, and faciltitates control of where and when applications are accessed
• Qualys Malware Detection (MD) proactively scans an organization’s customer-facing websites for infections, triggers automated alerts and generates detailed reports

Qualys cloud applications share core services and infrastructure — saving you time, money and making it extremely scalable.

It is used by more than 9,200 organizations in over 100 countries, including many of the Forbes Global 100.