Organizations that use automated scanners to test the security of their web apps must watch out for instances where these tools may trigger user account lockouts inadvertently. Here we explain why this occurs and offer some tips for how to prevent this from happening with Qualys Web Application Scanning (WAS).
By now, security pros everywhere have heard about SAMSAM, the sinister ransomware attack that exploits years-old vulnerabilities in JBoss and has hit hospitals particularly hard. The spread and “success” of SAMSAM shines the spotlight on the well-known infosec problem of prioritizing vulnerability remediation work.
Qualys’ library of built-in policies makes it easy to comply with commonly adhered to security standards and regulations. Qualys provides a wide range of policies, including many that have been certified by CIS as well as ones based on security guidelines from vendors such as Microsoft and VMware.
In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library monthly.
Last year, Qualys released our powerful new solution, AssetView and began activating the service on request during the initial deployment.
The new search and dashboard features have been very well received, and we are in the final phases of activating the service in most customers’ accounts! Over the coming weeks we will be enabling this service in your account which will replace the Asset Management module.
No action is required on your part. Once completed, you will see the AssetView module in your account and you can begin using the ElasticSearch and Dashboards immediately.