As you roll out Security Assessment Questionnaire to your vendors and internal stakeholders, it is necessary to avoid lengthy questionnaires containing many sections with questions that are not relevant to their area of work. It is important that respondents don’t get overwhelmed and spend a lot of time and effort in sifting through all the questions deciding for themselves whether a section or a question is relevant or applicable to them. Invariably, this results in delays in getting their responses back to you.

The latest version of Security Assessment Questionnaire enables you to use a gating mechanism for controlling the flow of your questionnaire. You can now decide which questions or sections a respondent can see, based on his response to a question or a combination of questions. This makes it easier for respondents to see and respond to only relevant sections and questions thereby making the entire exercise more time-efficient for them. It is also easier for you to analyze all the consolidated responses.

Continue reading …

Reserve Bank of India (RBI), India’s central banking and monetary authority, points out that the number, frequency, and impact of cyber incidents on Indian banks has increased substantially. Like their peers globally, Indian banks are committed to maintaining customer trust, protecting financial assets, and preserving their own brand and reputation as the industry will remain a top target of cybercriminals using increasingly sophisticated methods. Thus, it is urgent that banks continue to improve their cyber defenses.

In a race to adopt technology innovations, the exposure to cyber incidents/attacks has also increased, thereby underlining the urgent need to put in place a robust cyber security and resilience framework. The Reserve Bank of India has provided guidelines on Cyber Security Framework vide circular DBS.

Continue reading …

This release of the Qualys Cloud Platform version 2.23 includes updates and new features for AssetView, Cloud Agent, AWS Region Support, Security Assessment Questionnaire and Web Application Scanning as follows:

Continue reading …

This release of the Qualys Cloud Platform version 2.21 includes new major releases of both Web Application Firewall and Web Application Scanning. The release also includes numerous updates and new features for AssetView, Cloud Agent, and Security Assessment Questionnaire as follows:

• AssetView (Version 2.21.0) – One click access to vulnerability details for an asset and Improved filtering options for widgets.
• Cloud Agent Platform (Version 2.2.0) – Additional tuning parameters for the agent and simplified agent OS support information.
• Security Assessment Questionnaire (Version 2.6.0) – Improvements to Dynamic Reports, ability to customize Email templates, and ability to edit comments in responses.
• Web Application Firewall (Version 2.0.0) – Improved virtual appliance, improved integration with Web Application Scanning, a revamped user-interface and simplified security configuration.
• Web Application Scanning (Version 5.0.0) – Includes initial support for REST based testing, Scanner Appliance Pooling and drastic improvements to Progressive Scanning metrics.

The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.

Continue reading …

Qualys Cloud Platform release 2.18 includes updates and new features for:

• Qualys Cloud Platform (Version 2.18.0)
• AssetView and ThreatPROTECT (Version 2.18.0)
• Security Assessment Questionnaire (Version 2.3.0)
• Web Application Scanning (Version 4.12.0)

Continue reading …

A new release of the Qualys Cloud Platform includes several new platform features and also includes new versions of the following modules:

• Security Assessment Questionnaire 2.0
• ThreatPROTECT 1.1
• AssetView 2.14
• Cloud Agent Platform 1.5.0
• Qualys Cloud Platform 2.14

Continue reading …

Today at Gartner Security and Risk Management Summit, Qualys announced the availability of customizable questionnaires in its QualysGuard Cloud Platform and suite of integrated solutions for security and compliance. Businesses can use the new Questionnaire solution to centralize and automate the vendor risk assessment process, helping them ensure that service providers and IT suppliers do not disrupt or hurt business performance.

“We participated in the QualysGuard Questionnaire beta and used it to assess the risk of various vendors and partners we work with,” said Randy Barr, VP chief security and information officer for Saba. “We found the solution easy to use and customizable to our vendor risk assessment needs, and having it delivered via the cloud allowed us to easily assess third-parties – giving vendor contacts access to complete online vendor assessments and reminders for pending and past-due assessments.”

“We were a part of the QualysGuard Questionnaire Service beta and look forward to offering it to our customers,” said Tim McElwee, chairman and COO, Proficio Inc. "The cloud service will help our clients streamline vendor risk and other assessments by easily setting up and tracking completion of questionnaires."

Read the full announcement or learn more about the new QualysGuard Questionnaire Service.