Bringing Continuous Security to the Global Enterprise

Transcription

1 Bringing Continuous to the Global Enterprise Asset Discovery Network Web App Compliance Monitoring Threat Protection

2 The Most Advanced Platform 3+ Billion IP Scans/Audits a Year 1+ Trillion Events The Qualys Cloud Platform with its integrated suite of solutions enables organizations to monitor, prioritize and remediate vulnerabilities to protect their IT assets and their brand, while ensuring regulatory compliance % Six Sigma Scanning Accuracy Built in the cloud, the Qualys Cloud Platform brings continuous security to the global enterprise with easy-to-deploy appliances and lightweight agents that constantly gather security and compliance data. This data is automatically beamed up to the Qualys Cloud Platform, where a suite of centrally managed best-of-breed solutions allows you to monitor, detect and protect your global network across on-premise systems, endpoints and elastic cloud environments. One of the unique advantages of leveraging Qualys cloud-based architecture is that each solution provides instant access to all the data gathered so it can be analyzed and correlated to quickly identify vulnerabilities, recommend remediation actions and provide you with the most comprehensive protection. By deploying our solutions, organizations can gain actionable security intelligence into potential vulnerabilities and malware in their IT infrastructures, and comply with internal policies and external regulations. Qualys Cloud Platform and Solutions Have a 40% Lower TCO Forrester Research Integrated Solutions on a Scalable Cloud Platform Centrally managed, best-of-breed solutions allow you to monitor, prioritize and remediate vulnerabilities to protect your IT and brand assets. Scale to Your Current and Future Needs Grow with your business needs to add new security solutions and scale to protect millions of IT assets all on the same infrastructure and resilient platform. Centrally Managed As a cloud-based solution, there is no hardware or software to install or maintain. intelligence and software updates are continuous and automatic. Since there is nothing to install, global organizations can deploy Qualys in days, not months. Free Training & Support In-person and online training is free, as well as all user conferences. Qualys subscriptions include 24x7 customer and technical support. Platform Delivery Options: Shared Cloud Service Private Cloud The Qualys Multi-Tenant Shared Cloud Service is The Qualys Private Cloud Platform enables MSSPs, affordable and instantly available. Subscribers simply enterprises, and government agencies to deliver use the software, without the hassle and cost of Qualys' award-winning security and compliance owning and maintaining the software itself. solutions from your own datacenter, and retain full Subscription packages are available for enterprises, control of all the underlying security data. SMEs, SMBs, auditors and consultants.

3 Qualys Integrated Cloud Suite Built on top of Qualys Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are deployed via the cloud; there is no new software to deploy or infrastructure to maintain. All applications leverage and correlate the same scan data. Buy as standalone applications or subscribe to the entire suite. AssetView Continuous Monitoring Vulnerability Management ThreatPROTECT Is a free, cloud-based asset AV inventory service that lets you see and search millions of global IT assets, whether on premise, cloud-based or mobile. Find devices, OSes, applications, services, ports, certificates and any endpoints that might be added to your network, in seconds. Upgrade for continuous security and compliance at any time. CM Delivers a comprehensive, always-on view of potential security holes enabling organizations to immediately identify and proactively address potential threats before they turn into breaches. Allows you to catch unexpected hosts, expiring SSL certificates, open ports, severe vulnerabilities and undesired applications. Helps organizations identify the highest priority issues to enable fast and efficient mitigation and remediation. Automates the lifecycle of network VM auditing and vulnerability management across your global business. Gives you visibility into IT systems across your network, how they might be vulnerable to the latest Internet threats, and how to protect them. Helps organizations visualize and TP prioritize their security threats at a glance. Correlates data from vulnerability scans and active threat data from multiple sources into a single dynamic dashboard to provide a holistic and contextual view of an organization s threat exposure. Customers can take action to minimize exposure from vulnerabilities related to the threats that matter most. Web Application Scanning Web Application Firewall Malware Detection SECURE Seal Automatically discovers and WAS catalogs all of your web applications and continuously performs comprehensive, accurate scans to uncover critical vulnerabilities such as SQL injection, Cross-Site Scripting, and website misconfigurations. It then automatically notifies the Qualys Web Application Firewall to deploy virtual patches so you can stop web attacks and prevent data breaches. Allows organizations to monitor all WAF web pages visited by users and automatically share this information back to Qualys WAS to ensure that no page is missed. By tightly integrating the scan and the firewall, you can quickly block attacks on web app vulnerabilities, prevent disclosure of sensitive information, and control where and when your applications are accessed. Is a free service that proactively MD scans websites of any size, anywhere in the world, for malware infections and other threats, sending alerts to website owners. The enterprise edition with advanced reporting and notification options enables businesses to scan and manage a large number of sites, preventing website black listing and brand reputation damage. Enables online businesses of all sizes to scan their websites for the presence of malware, network and application vulnerabilities, as well as SSL certificate validation. Once a website passes all four security scans, the service generates a Qualys SECURE seal for the merchant to display on their website, demonstrating to visitors that the company is committed to security. Policy Compliance Helps organizations pass security PC audits and document compliance tied to corporate security policies, laws and industry regulations, supporting the requirements of both internal and external auditors. Audits the configurations of your computers to see if they are enforcing password controls and other compliance policies. Assessment Questionnaire Centralizes and automates the SAQ gathering of risk data and compliance evidence from employees, partners, vendors and other subject matter experts. Frees organizations from manual, labor-intensive approaches (such as and spreadsheets) so that all phases of their assessment programs can be managed efficiently and reliably online. PCI Compliance Provides small and medium-sized PCI businesses with enterprise-level scanning and reporting that s easy to implement and maintain. Enables large corporations to meet PCI compliance requirements for data protection on a global scale. New Services Planned for 2016 These include: File Integrity Monitoring, Indicator of Compromise Detection, Patch Management and Passive Network Analyzer. Free Tools AssetView qualys.com/assetview BrowserCheck browsercheck.qualys.com SSL Secure Website Test ssllabs.com/ssltest FreeScan Vulnerability Scan qualys.com/freescan Patch Tuesday PC Audit qualys.com/patchtuesday For a Free Trial visit qualys.com/trial

4 Everything you need to continuously discover and secure all of your global IT assets Asset Discovery Network Web App Secu rity Threat Protection Compliance Monitoring Find & organize hosts & web apps on a global scale Identify & protect against proliferating security threats Find, shield & fix vulnerabilities in your web apps Harden your IT systems and web applications Make compliance faster, more efficient & more reliable

5 Our Journey Into the Cloud Qualys was founded in 1999 at the height of the technology bubble, when Internet security was just beginning to appear on executive agendas. The company launched QualysGuard in December 2000, making Qualys one of the first entrants in the vulnerability management market. Qualys powerful combination of highly accurate and easy-to-use technology has pioneered a new approach to delivering security applications through the cloud that would become known as Software-as-a-Service, or SaaS. Qualys customers were clearly impressed by the power and flexibility of the SaaS model: lower total cost of ownership, high scalability, centralized management from any location, and continuous access to new and upgraded applications. The Qualys Cloud Platform has grown over the past decade to become the leading cloud-based solution helping organizations strengthen the security of their IT infrastructures and conduct automated security audits to ensure compliance with policies and regulations. About Qualys Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 8,800 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Dell SecureWorks, Fujitsu, HCL Comnet, Infosys, NTT, Optiv, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Alliance (CSA). For more information, please visit Used by more than 8,800 customers in over 100 countries, including a majority of the Forbes Global out of the top 10 Technology 9 out of the top 10 Retail 9 out of the top 10 Biotechnology 7 out of the top 10 Chemical 7 out of the top 10 Banking 6 out of the top 10 Software 6 out of the top 10 Telecom 6 out of the top 10 Media 6 out of the top 10 Car Manufac. 6 out of the top 10 Food Retail We found Qualys WAS ideal for our need to assess thousands of websites with limited resources Qualys, Inc. All rights reserved.