Qualys Blog

www.qualys.com
11 posts

Qualys Cloud Platform 2.23 New Features

This release of the Qualys Cloud Platform version 2.23 includes updates and new features for AssetView, Cloud Agent, AWS Region Support, Security Assessment Questionnaire and Web Application Scanning as follows:

Continue reading …

Checklist: Qualys Top 10 Tips for a Secure & Compliant 2017

With 2017 still in its infancy, plenty of time remains for InfoSec practitioners to make concrete strides toward better security and compliance in their organizations. That’s why to help you start off the year on the right foot, we’ve shared best practices, ideas and recommendations in our Qualys Top 10 Tips for a Secure & Compliant 2017 blog series.

Continue reading …

Slash Vendor Risk and Sharpen Compliance with Policies, Standards and Regulations

As we continue our Qualys Top 10 Tips for a Secure & Compliant 2017 blog series, we zoom in on the all important area of compliance and risk monitoring, a key element of any comprehensive security program.

IT compliance and risk managers don’t have it easy. You face an increasingly complex regulatory landscape, constantly evolving industry standards and a technology environment that’s changing at a dizzying pace. It falls on your shoulders to make sure your organizations follow rules, regulations, laws, standards and practices in areas of IT across all business functions.

In this post, we’ll offer tips 5 – 7 on our list, to help you:

  • Ensure internal and external IT compliance
  • Assess procedural and technical controls among vendors to reduce the risk of doing business with them
  • Comply with the Payment Card Industry Data Security Standard (PCI DSS)

Continue reading …

Qualys Cloud Platform 2.21 New Features

This release of the Qualys Cloud Platform version 2.21 includes new major releases of both Web Application Firewall and Web Application Scanning. The release also includes numerous updates and new features for AssetView, Cloud Agent, and Security Assessment Questionnaire as follows:

  • AssetView (Version 2.21.0) – One click access to vulnerability details for an asset and Improved filtering options for widgets.
  • Cloud Agent Platform (Version 2.2.0) – Additional tuning parameters for the agent and simplified agent OS support information.
  • Security Assessment Questionnaire (Version 2.6.0) – Improvements to Dynamic Reports, ability to customize Email templates, and ability to edit comments in responses.
  • Web Application Firewall (Version 2.0.0) – Improved virtual appliance, improved integration with Web Application Scanning, a revamped user-interface and simplified security configuration.
  • Web Application Scanning (Version 5.0.0) – Includes initial support for REST based testing, Scanner Appliance Pooling and drastic improvements to Progressive Scanning metrics.

The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.

Continue reading …

Agility and Flexibility Needed To Manage Risk Throughout Vendor Relationship Lifecycle

We conclude our series on assessing third-party risk, where we’ve described scenarios in which an automated, cloud-based system can help you identify security and compliance gaps among vendors, partners and employees.

As we have outlined in this blog series, CISOs and their infosec teams need clarity and visibility not only into their IT environments, but also across their roster of trusted vendors. Organizations that don’t properly assess and manage the risk of doing business with their vendors, partners, suppliers, contractors and other third parties make their IT network and data vulnerable to hackers.

Continue reading …

Lasso In Employee Training, Vendor Regulatory Compliance with Automated Risk Assessments

We continue our series on assessing third-party risk, where we’re describing scenarios in which an automated, cloud-based system can help you identify security and compliance gaps among vendors, partners and employees.

In addition to protecting their organization’s IT environment, CISOs must also closely monitor the security and compliance policies and procedures of trusted third parties.

Continue reading …

Qualys Cloud Platform 2.17 New Features

Qualys Cloud Platform release 2.17 includes updates and new features for:

  • AssetView (version 2.17.0)
  • Cloud Agent Platform (version 1.8.0)
  • Continuous Monitoring (version 1.16.0)
  • Security Assessment Questionnaire (version 2.2.0)

Continue reading …

To Gauge Risk from Third Parties and Employees, Scalability and Automation Are Essential

We continue our series on assessing third-party risk, where we’re describing scenarios in which an automated, cloud-based system can help you identify security and compliance gaps among vendors, partners and employees.

As discussed in this series’ first installment, it’s short-sighted to put great effort into protecting your IT environment while ignoring the security and compliance policies and procedures of your trusted third parties.

We illustrated this principle with the hypothetical example of two CISOs — Jane and Emily — who almost simultaneously hire the same outsourcer, and grant it privileged access to their respective companies’ sensitive data and IT systems.

Continue reading …

Assessing Risk from Vendors and Other Third Parties Is Key to Business Success

Jane and Emily are CISOs at two large companies which about five years ago almost simultaneously hired a well-known outsourcer that provides back office business services. Both companies entrusted the outsourcer with sensitive corporate data and granted it special access to their IT systems.

Both Jane and Emily had spent a lot of time, effort and money boosting their respective companies’ physical and IT security, and tightening their compliance with external regulations and internal rules.

However, these two successful CISOs differed in a key area: third party risk management. Jane had given short shrift to this important but overlooked area. Meanwhile, Emily had made it a priority to create a formal, comprehensive, centralized and automated program for assessing third-party risk.

Continue reading …

Qualys Cloud Platform 2.17 New Features

A new release of the Qualys Cloud Platform release 2.17 which includes updates and new features for:

  • Cloud Agent Platform (version 1.8.0)
  • Continuous Monitoring (version 1.16.0)
  • Security Assessment Questionnaire (version 2.2.0)

Continue reading …