Qualys Blog

It’s happening all over the business world. Organizations of all sizes and in all industries are aggressively deploying innovative products to new online consumer channels, digitizing their core services and transitioning core business workloads to public clouds as part of digital transformation efforts aimed at increasing business efficiency and effectiveness.

This trend represents both a challenge and an opportunity for InfoSec teams. The challenge: To ensure the security and compliance of these cloud instances, without interrupting their deployment. The opportunity: To become a partner to business units by facilitating the adoption of public cloud services and other digital transformation technologies.

The digital transformation opportunities ahead are immense, according to Mark Butler, Qualys CISO. Digital transformation programs are yielding tangible business benefits, but fundamental security challenges remain, he said during the recent webcast “Securing Your Public Cloud Infrastructure.” 

Specifically, InfoSec teams must gain visibility into these cloud workloads, so that they can monitor those assets, identify vulnerabilities and misconfigurations, and promptly remediate problems. Continue reading …

As organizations seek digital transformation benefits and aggressively move workloads to public cloud platforms, InfoSec teams must support their business units’ efforts by adapting and properly protecting these environments.

This may sound surprising to those who think that, when you use a public cloud service, the platform provider takes on all security and compliance tasks. Rather, these public cloud service providers operate on a “shared security responsibility” model, so the burden is split between you and them.

In other words, you get to define your controls in the cloud to protect your data and infrastructure, while the cloud provider takes care of the security of the cloud.

Continue reading …

This new release of the Qualys Cloud Suite, version 8.10, includes new capabilities and improvements to for VM, PC and shared platform improvements:

• Authentication Vault integration with BeyondTrust
• Mandate-Based reporting for Policy Compliance to simplify reporting against multiple mandates and audit frameworks.
• Expanded support & features for scanning Cloud Environments such as Amazon EC2, Azure, and Google GCE.
• VM Scanning, Reporting, and SSL Labs Improvements
• Ability to export/import UDC definitions with Policy XML and Qualys Library Content
• Policy Compliance support for PostGRE SQL and UDC Support for Amazon Linux 2016

See Also:

• Qualys Cloud Platform 8.10 (VM/PC) API Notification 1
• Qualys Cloud Platform 8.10 (VM/PC) API Notification 2

Continue reading …

This release of the Qualys Cloud Platform version 2.23 includes updates and new features for AssetView, Cloud Agent, AWS Region Support, Security Assessment Questionnaire and Web Application Scanning as follows:

Continue reading …

This new patch release of the Qualys Cloud Suite, version 8.9.2, includes updates for Cloud-based scanner deployments and expanded platform coverage for PC.

Feature Highlights

Continue reading …