Dear Customer, Partner and Security Professional,

I would like to thank all of you for your support during our ongoing journey to a world where we are making security invisible and an integrated component of the Digital Transformation of our enterprises. With your help and the dedication of our engineers over many years, we are finally getting closer to that dream, as we continue to significantly increase the performance and reach of the Qualys Cloud Platform and apps.

Continue reading …

Organizations that use automated scanners to test the security of their web apps must watch out for instances where these tools may trigger user account lockouts inadvertently.  Here we explain why this occurs and offer some tips for how to prevent this from happening with Qualys Web Application Scanning (WAS).

Continue reading …

Oracle just released an extremely important critical patch for Java. It fixes an impressive number of vulnerabilities, and it is recommended to install this update as fast as possible. You can read more about this here: http://laws.qualys.com/2013/02/oracle-releases-early-cpu-for.html

And here is the official page on the Oracle website: http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

A new QID “120832 – Oracle Java SE Critical Patch Update – February 2013” has been released and you can use QualysGuard VM to scan your network to find the systems that require the patch.

Here is a report that gives you a preview of the details of a report for this QID, including a list of known exploits that are available for some of the vulnerabilities that are fixed by this patch: