Qualys Community

296 posts

My Life as a Chief Security Officer

Gerhard Eschelbeck, Google’s VP of security and privacy engineering, worked at Qualys in the early- to mid-2000s and remembers it as a then-fledgling company brimming with passion and energy about its mission to change vulnerability management.

“It’s amazing to see the growth of the company, and the success and the trust you all have given to a technology that started about 15 years ago,” Eschelbeck said Wednesday at his keynote titled “My Life as a Chief Security Officer” during the Qualys Security Conference in Las Vegas.

Continue reading …

Security Is Tough, but Infosec Pros Can Find Joy in the Work

Anger. Frustration. Despondency. Hopelessness. Capitulation.

These are typical feelings experienced by infosec pros, as they deal with careless end users, impatient executives, emerging technology, budget constraints and understaffing.

“It’s tough out there,” said Mike Rothman, president of Securosis, an information security and analysis firm.

Continue reading …

Infosec Teams Need More Collaboration and Automation to Defend Their Organizations and Help Them Succeed

Infosec teams are under a figurative DDoS (distributed denial of service) attack caused by a variety of business and operational factors that overwhelm them and keep them from crafting strategies to address long-term challenges.

Instead, infosec pros spend most of their time at work doing “day-to-day” tasks due to issues like understaffing and an overload of security alerts, according to Joseph Blankenship, a Senior Analyst at Forrester Research.

Continue reading …

The Big Year: 2016 Product Advances Highlighted at QSC

Several product management leaders took the stage at Qualys Security Conference 2016 in Las Vegas on Wednesday to outline major recent improvements to Qualys products, including Cloud Agent, AssetView, ThreatPROTECT, Vulnerability Management, Policy Compliance and Web Application Scanning.

Continue reading …

As Traditional Network Perimeters Dissolve, Qualys Cloud Platform Provides Global Security and Compliance Visibility

Every day, a large bank scans 1.4 million devices, a home improvement chain scans 2,200 stores and a major cloud infrastructure provider scans 2 million devices.

What do these three big companies have in common? They all rely on the Qualys Cloud Platform for these critical security scans, Qualys Chief Product Officer Sumedh Thakar said at the company’s annual conference.

Continue reading …

Qualys CEO Philippe Courtot Kicks Off QSC16 with Call for Organizations to Secure Their Digital Transformations

As organizations pursue digital transformation efforts, traditional security solutions are falling short, reducing CISOs’ visibility into the increasingly complex IT environments of cloud computing and interconnected business, and creating infosec challenges hackers are eager to exploit.

CEOs are under business pressure to adopt new, emerging technologies that can improve their businesses by gathering and analyzing more data about their products and customers, but security can’t be overlooked.

“Bad guys have taken advantage of the fact that digital transformation forces us to open our networks and interconnect many things,” Philippe Courtot, Qualys’ chairman and CEO, said during the opening keynote of this year’s Qualys Security Conference.

Continue reading …

No Security without Visibility: QSC16 to Focus on Helping Enterprises Regain Clarity into Their IT Environments

Qualys will hold its flagship conference this week in Las Vegas, where our executives will host customers, partners and industry experts. This year’s main topic will be the urgent need for clarity when securing IT environments.

Cloud computing, mobility, IoT and other technology trends have shaken up enterprise security by extending and blurring the frontiers of traditional network perimeters. As hackers aggressively look for ways to exploit new vulnerabilities created by these shifts, CISOs need a comprehensive, unobstructed, continually updated view of all their IT assets and corresponding vulnerabilities.

Over the course of two days at QSC16, attendees will be able to talk about this and other pressing infosec issues, network, exchange best practices and get the latest technology and product roadmaps from Qualys.

If you’re not able to make it out in person to Las Vegas, you can check out this blog, where we’ll be posting articles about most of the sessions, which include keynotes by industry visionaries, panel discussions, real-world case studies by Qualys customers and partners, as well as product use cases showcasing best practices for the Qualys suite of applications.

Continue reading …

Qualys Supports New Cisco Threat-Centric NAC

Integrated Vulnerability Data Dynamically Alters User Permissions Based on the Fluctuating Threat Ratings of a Device

The onslaught of new devices and applications in the enterprise has clouded visibility into who and what is connecting to the network. This raises increased security concerns, since more devices mean more potential ways to compromise the network. Enterprises have generally responded to these concerns by continually adding security systems from multiple vendors to their networks.

Continue reading …

New Qualys App for Splunk Enterprise Adds Real-time Dashboard and Analytics for Web Application Scanning

The newly released Qualys Web Application Scanning (WAS) App for Splunk Enterprise delivers information about affected web applications and prevalent vulnerabilities into the Splunk dashboard, and enables preconfigured searches and reports, for customers using both Qualys and Splunk. Just like with Qualys WAS, this new app also helps you analyze consistent WAS data across application lifecycles, detect unauthorized apps and rapidly harden your web apps with Qualys Web Application Firewall (WAF).

Continue reading …

Here’s a registration discount code for AppSec Europe courtesy of Qualys

Rome_ad_QualysQualys is a sponsor of this year’s AppSec Europe, and if you use our code QLYS-EU100 you will get a €100 discount on your registration for this event, to be held in Italy from June 27 to July 1st.

The conference is organized by OWASP, a nonprofit with 200 chapters in 100 countries whose mission is to “make software security visible.” OWASP, which stands for Open Web Application Security Project, seeks to help individuals and organizations worldwide make informed decisions about software security risks.

Continue reading …