Back to qualys.com
18 posts

Qualys Cloud Platform 2.38 New Features

This release of the Qualys Cloud Platform version 2.38 includes updates and new features for AssetView, Web Application Firewall, and Web Application Scanning, highlights as follows.

Continue reading …

Qualys Cloud Platform 2.37 New Features

This release of the Qualys Cloud Platform version 2.37 includes updates and new features for Security Assessment Questionnaire and Web Application Scanning, highlights as follows.

Continue reading …

Qualys Cloud Platform 2.36 New Features

This release of the Qualys Cloud Platform version 2.36 includes updates and new features for AssetView (Cloud Assets and Cloud Agents) and Web Application Scanning, highlights as follows.

Continue reading …

Qualys Cloud Platform 2.35 New Features

This release of the Qualys Cloud Platform version 2.35 includes updates and new features for AssetView, Cloud Agent, Security Assessment Questionnaire, and Web Application Scanning, highlights as follows.  (Note: this post has been edited after publishing to remove the Rule-Based Method to Purge/Uninstall Cloud Assets and Cloud Agents, and Azure Cloud Connector, which will be available in a subsequent release.)

Continue reading …

Qualys Cloud Platform 2.34.1 New Features

This release of the Qualys Cloud Platform version 2.34.1 includes updates and new features for Cloud Agent & AWS EC2 Connector, AssetView, CloudView, and Security Assessment Questionnaire, highlights as follows.

Continue reading …

Qualys Cloud Platform 2.34 New Features

This release of the Qualys Cloud Platform version 2.34 includes updates and new features for Cloud Agent, EC2 Connector, Continuous Monitoring, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows.

Continue reading …

GDPR Is Here: Indication of Compromise – Another Key Practice for GDPR Compliance

In this blog series, we’re discussing solid security practices that are key for General Data Protection Regulation (GDPR) compliance, and today we’ll address another crucial one: Indication of compromise (IOC).

In a nutshell, IOC can help customers who are dealing with unauthorized access to customer personal data by an external threat actor or adversary.

This makes IOC particularly relevant to GDPR’s stringent requirements for providing integrity, control, accountability and protection of EU residents’ personal data.

Read on to learn why IOC is critical for complying with GDPR, which went into effect in May, and how Qualys can help you.

Continue reading …

Qualys Cloud Platform 2.33 New Features

This release of the Qualys Cloud Platform version 2.33 includes the release for CertView, plus updates and new features for AssetView, Cloud Agent, EC2 Connector, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows.  (This posting has been edited to include an update to WAS that is available in a patch release.)

Continue reading …

Orangeworm Targeting Healthcare Industry since 2015 Now Exposed

Operating since 2015, a threat group dubbed Orangeworm has been newly attributed to hacking and infiltrating healthcare groups around the world.  Companies specifically targeted include hospitals, healthcare providers, pharmaceuticals, IT services firms serving the healthcare industry, and more.  (Healthcare Informatics Institute describes this in more detail.)

The victims are specific, targeted, and global with 17% of victims in the US, 7% in India, 7% in Saudi Arabia, 5% in Philippines, 5% in Germany, Hungary and United Kingdom, with seventeen other countries each with 2% of infections.  Analysts are still investigating the campaign tactics, techniques, and procedures (TTPs) of the Orangeworm group to determine their objectives whether espionage of the medical systems themselves, to steal patient data, or potential future sabotage or ransom.

Continue reading …

Indication of Compromise: Another Key Practice for GDPR Compliance

In this ongoing blog series on preparing for complying with the EU’s General Data Protection Regulation (GDPR), we’ve explained the importance of having solid, foundational security practices like asset management and threat prioritization. Today, we’ll discuss how another such practice can help organizations stay on the right side of GDPR: Indication of Compromise (IOC).

In a nutshell, IOC can help customers who are dealing with unauthorized access to customer personal data by an external threat actor or adversary. This makes IOC particularly relevant to GDPR’s stringent requirements for data integrity, control, accountability and protection.

To comply with GDPR, which goes into effect on May 25, companies worldwide — not just in the EU — must know what personal data of EU residents they have, where it’s stored, with whom they’re sharing it, how they’re protecting it, and what they’re using it for.

Continue reading …