As Traditional Network Perimeters Dissolve, Qualys Cloud Platform Provides Global Security and Compliance Visibility

Every day, a large bank scans 1.4 million devices, a home improvement chain scans 2,200 stores and a major cloud infrastructure provider scans 2 million devices.

What do these three big companies have in common? They all rely on the Qualys Cloud Platform for these critical security scans, Qualys Chief Product Officer Sumedh Thakar said at the company’s annual conference.

These organizations are part of a growing customer base, which exceeds 8,800 and includes a majority of the Forbes Global 100.

In his presentation, titled “Global Visibility in a Perimeter-less World,” Thakar explained that IT networks now extend way beyond their traditional boundaries to cloud computing instances, Internet-facing applications, IoT systems and wherever laptops and other mobile devices roam.

And even within corporate premises, there are now many new devices connected to the network, such as Wi-Fi-enabled coffee makers, which offer attackers new vulnerable points of entry into the IT environment. “What is connected on prem is also changing,” he said.

As a result, CISOs need a “single pane of glass” visibility into their increasingly distributed and hybrid IT infrastructures to see their security threats and compliance issues, he said.

It’s for this new “perimeter-less” world that the Qualys Cloud Platform has been architected and designed. It provides a continuous security and compliance view via continuous discovery, real-time distributed data collection, a data analytics and reporting correlation back end, and an integrated suite of applications.

For example, for discovery, the Qualys Cloud Platform collects security data in real time across every type of IT infrastructure using a variety of agentless and agent-based methods and sensors, including: physical appliances, virtual appliances, cloud appliances, cloud agents and a broad set of APIs (application programming interfaces), Thakar said.

Meanwhile, the integrated suite includes applications for vulnerability management, policy compliance, asset inventory, remediation prioritization and web application security.

To assemble this set of security and compliance services, an organization would have to acquire and manually integrate multiple products and systems from a variety of different vendors, at a great cost and complexity.

The Qualys Cloud Platform gives organizations more and better functionality in a centralized platform that is hosted and maintained by Qualys with a significantly lower total cost of ownership.

Thakar also highlighted that while Qualys is a cloud computing leader and pioneer, it also recognizes there are scenarios where due to internal policies or external regulations, organizations can’t use our multi-tenant, shared public cloud architecture.

That’s why Qualys developed its Qualys Private Cloud Platform (PCP) family of self-contained, pre-configured appliances. The PCP appliances offer the security and compliance services of the Qualys Cloud Platform but on premises within a customer’s or partner’s data center.

Although intended for on-premises use, these high-performance appliances are easy to deploy and centrally managed and updated by Qualys. The most recent addition to this product family is the Private Cloud Appliance, designed for small and medium size businesses.

“We offer multiple options for deploying our platform,” Thakar said.