All Posts in Qualys News

506 posts

The European Cybersecurity Blogger Awards 2020 – Meet the Finalists

Qualys is sponsoring the EU Cybersecurity Blogger Awards for 2020, representing a ‘who’s who’ of people that write and share their opinions around the security sector. Ahead of the winners being announced on the 2nd of June, we thought we’d ask some questions around what is taking place in security today, how to make the most of your teams, and what changes are required too.

Let’s go into their thoughts:

1. What do you think is the most pressing issue in security today?

It’s not doing the basics, I see this so often especially when I talk to many CISO’s and infosec people. While its ok to buy the best technology, unless you know what your critical assets are, where they are located and have applied the appropriate hardening and least privilege, then when an attacker bypasses your controls it’s pretty much game over. – @cybersecstu, Many Hats Club and https://twitter.com/cybersecstu

Continue reading …

Policy Compliance Library Updates, May 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The May release includes support for new technologies, 3 CIS Benchmark policies, 3 DISA STIG policies, 11 Industry and Best Practice policies, and provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.
Continue reading …

Qualys Community Migration to Salesforce Platform

We are excited to announce that the Qualys Community discussion forums are migrating to the Salesforce platform on June 6-7 weekend.

This 30-day notification explains why we are changing the underlying platform, how it benefits Qualys customers, and what you should expect.

Benefits

The Salesforce platform offers Qualys community some significant advantages:

Continue reading …

Qualys Cloud Platform 10.1.0 New Features

The upcoming release of the Qualys Cloud Platform (VM, PC), version 10.1.0, includes several new features and enhancements in Qualys Cloud Platform and Qualys Policy Compliance. This release will also add support for new technologies in Qualys Policy Compliance for OCA.

10.1.0 is scheduled to go live across the shared platforms towards the end of May, 2020. Continue reading …

Policy Compliance Library Updates, April 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The April release includes support for new technologies, 4 CIS Benchmark policies, 2 Industry and Best Practice policies, and provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.

Continue reading …

Qualys Cloud Platform: Continuity of Service in Response to COVID-19

I would like to share Qualys’ response to the heightening coronavirus (COVID-19) outbreak and outline the steps we are taking to ensure continuity of service for our customers and also ensure the health and well-being of our employees.

Qualys has a comprehensive business continuity and emergency response plan in place that is regularly updated and reviewed by executive management. We have conducted a detailed risk assessment of the impact of COVID-19 on our employees and business operations, and at this time we believe that we have the necessary processes in place to continue to effectively deliver on all aspects of our business, including product development, operations and support services.
Continue reading …

Automated and Scalable Audit Workflows with Qualys Security Assessment Questionnaire

Risk and compliance management is a multi-faceted domain with concentrated endeavors towards reducing unacceptable risk potential that could disrupt business, or otherwise negatively impact business performance. IT GRC (Governance, Risk and Compliance) comprises many tasks related to business and IT across an entire enterprise. The compliance laws and requirements are put in place to not only protect your business, but also your customers.

The Qualys Cloud Platform, with its expansive solutions, helps you to conform to various regulatory mandates such as HIPAA, SOX, PCI-DSS, Sarbanes-Oxley and so on.

Continue reading …

Policy Compliance Library Updates, March 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The March release introduces 3 CIS Benchmark policies, 6 DISA STIG policies, and provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.

Continue reading …

Policy Compliance Library Updates, February 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The February release includes 8 CIS Benchmark policies, 4 Qualys Security Configuration and Compliance policies, and 1 mandate [MARS-Ev2] policy. Apart from adding a new technology support, it also provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS at CIS has been updated.

Continue reading …

Intuitive and Ready-to-Use Monitoring Profiles for Compliance Regulations

Detecting changes from a baseline established for files and file paths and receiving instant alerts about them is crucial to ensure security within a monitored environment. File tampering is an indicator of illicit activity, and authorized users must be alerted whenever changes in a critical file or file path occur. Hence, organizations must integrate file change monitoring into their continuous efforts towards maintaining safety and hygiene in the cyber security space, especially in environments where their IT systems contain highly sensitive data.

Continue reading …