File integrity monitoring (FIM) tools are essential for defending business and customer data, but legacy tools are falling short by swamping security analysts with irrelevant alerts. This blog describes how Qualys FIM easily solves such issues by accurately isolating file-level breaches and sending only relevant alerts to security teams. File integrity monitoring (FIM) is an […]
An acute need expressed by a majority of CISOs at a roundtable in Italy sparks an idea to use one of our lesser-known compliance apps to manage supply chain security assurance efforts. In the 1984 novel The Unbearable Lightness of Being, author Milan Kundera ponders the fleeting nature of man’s existence. Such is the nature […]
As data breaches continue to target databases and attack techniques become more sophisticated over time, organizations are looking for dynamic and efficient ways to effectively monitor the compliance posture of the databases in their hybrid environments. They have traditionally used privileged database user accounts in addition to host credentials to authenticate into their database instances […]
While many in the industry consider mainframes to be inherently secure systems that don’t require additional hardening, this is not the case, according to recent Forrester surveys which reveal that security incidents are commonplace in mainframes. Mainframes are the backbone of many businesses and often house their most crucial data. 71% of the fortune 500 […]
The security landscape is constantly changing, and you need to adopt proactive measures to stay ahead of security breaches by being extremely vigilant about every little change in your environment. In our previous blog, we discussed how you can leverage the ready-to-use monitoring profiles in your CI/CD pipeline to start monitoring your critical system and […]
Risk and compliance management is a multi-faceted domain with concentrated endeavors towards reducing unacceptable risk potential that could disrupt business, or otherwise negatively impact business performance. IT GRC (Governance, Risk and Compliance) comprises many tasks related to business and IT across an entire enterprise. The compliance laws and requirements are put in place to not […]
There are seemingly countless regulatory and industry frameworks out there that organizations have to navigate and comply with. SOX (Sarbanes-Oxley), PCI-DSS (Payment Card Industry Data Security Standard), GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability Act), and many others that require maintaining a specified baseline of security. Compliance is a challenge in […]
Black Hat kicks off in a few days, and for Qualys customers still planning their schedule we have our weekly recommendation from among the conference’s many training courses and research briefings: The Enemy Within: Modern Supply Chain Attacks.
Qualys has just launched a global IT asset inventory solution that offers full visibility across even the most hybrid, complex and distributed IT environments, addressing a challenge many security and IT teams face today.
In this latest roundup of cyber security news, we look at serious Bluetooth bugs, a zero-day vulnerability on Cisco software, a raft of Apple security fixes and a massive customer data breach at Cathay Pacific.
