All Posts in Qualys Technology

474 posts

Secure Remote Endpoints from Vulnerabilities in Video Conferencing & Productivity Applications like Zoom

With millions working, learning and collaborating remotely due to COVID-19 challenges, there’s an explosion of remote endpoints running Zoom and other collaboration and productivity applications such as Outlook, Teams, Webex, Slack, Office 365 and more. Because remote endpoints access organizations’ critical assets and data, more and more cyberattacks target them to exploit weaknesses and vulnerabilities in collaboration tools like Zoom.


New Features in Qualys Vulnerability Management and Policy Compliance

Today we are excited to announce several new features, workflows, and new technology support in Qualys Vulnerability Management and Policy Compliance.

These new features will be deployed as a part of QWEB 10.0 and Portal 3.0 release versions.


Real-Time Alerting and Incident Management for Unauthorized Changes

The security landscape is constantly changing, and you need to adopt proactive measures to stay ahead of security breaches by being extremely vigilant about every little change in your environment. In our previous blog, we discussed how you can leverage the ready-to-use monitoring profiles in your CI/CD pipeline to start monitoring your critical system and application files. However, just setting files to monitor isn’t sufficient. You need a layer of ‘real-time detection’ to eliminate all blind spots in your network. Hence, once you are done configuring the “what to monitor” part in your environment, the next step is to configure the correlation rules to generate real-time alerts for changes and create authorized or unauthorized incidents automatically. Receiving instant alerts upon file changes in your network is your next line of defense for mitigating impending loss of data.


Secure ElasticSearch, Kafka & Other Microservices with Qualys Cloud Platform

In this era of Digital Transformation, microservices are rapidly gaining popularity within continuously deployed systems. Organizations have moved away from the rigid monolithic architectures to more flexible ones that are based on microservices. Lots of organizations handling large amounts of real-time data use microservices such as Kafka and ElasticSearch, mainly due to the operational simplicity and speed of performance that they provide. However, this substantially increases the attack surface because of the exposed APIs and open ports.


How to Install the Qualys Cloud Agent for Remote Workforce

The Qualys Cloud Agent can be automatically deployed using any third-party software deployment tools including Microsoft SCCM, Microsoft Intune, Microsoft GPO, HCL BigFix, Dell KACE, and others.

For remote or roaming users, deploying packages with software deployment tools requires that the target system can connect to the deployment management console: directly while on the network or, if remote, through a cloud-based console, over a VPN connection, or by allowing remote users to reach the on-premises management console through a DMZ or other inbound rules.

This post describes common deployment models and best practices to deploy the Cloud Agent for remote workforce.


Secure Your Global Remote Workforce

IT organizations around the world are responding to the challenge posed by COVID-19 by ensuring that employees are able to work productively from remote locations. As we experience a never-before-seen explosion of remote endpoints connecting to the organization’s critical assets, the security of these endpoints is top of mind for all IT and security professionals. As we look for ways to secure these endpoints, it is becoming immediately clear that traditional enterprise security solutions deployed inside the organization’s network are completely ineffective in protecting these remote endpoints. The sheer volume of remote endpoints connecting over VPN gateways is already creating a lot of bandwidth pressure, and adding large security updates delivered to thousands of endpoints is becoming impractical.


Cyber Criminals using Coronavirus Fears to Spread Information-Stealing Malware

Cyber criminals have been leveraging trending cultural and viral news items that drive interest from millions of individuals as mechanisms to target and distribute malware easily and effectively. In the past, cyber criminals have used topics including international sports championships, celebrity divorces, and political elections to spread their malware.

The Coronavirus (COVID-19) pandemic is the latest vehicle for these types of attacks. The conditions of this pandemic are ripe for wide-scale malware distribution: large geographic base affecting both businesses and consumers, fear and uncertainty on the impact of the virus, and the increased use of social media and person-to-person electronic communications to spread news, information, and opinions.

Last week, a new malware attack focused on these effects. A cyber criminal group created a fake Corona Map application for Windows embedded with information-stealing malware that, once downloaded and installed by the user, starts collecting and sending sensitive data such as passwords, credit card numbers, and bank accounts.


Automated and Scalable Audit Workflows with Qualys Security Assessment Questionnaire

Risk and compliance management is a multi-faceted domain with concentrated endeavors towards reducing unacceptable risk potential that could disrupt business, or otherwise negatively impact business performance. IT GRC (Governance, Risk and Compliance) comprises many tasks related to business and IT across an entire enterprise. The compliance laws and requirements are put in place to not only protect your business, but also your customers.

The Qualys Cloud Platform, with its expansive solutions, helps you to conform to various regulatory mandates such as HIPAA, SOX, PCI-DSS, Sarbanes-Oxley and so on.


Detect Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys WAS

As previously reported, a severe vulnerability exists in Apache Tomcat’s Apache JServ Protocol. The Chinese cyber security company Chaitin Tech discovered the vulnerability, named “Ghostcat”, which is tracked using CVE-2020-1938 and rated critical severity with a CVSS v3 score of 9.8.

This blog post details how web application security teams can detect this vulnerability using Qualys Web Application Scanning (WAS). This new Qualys WAS detection complements the detection that uses Qualys VMDR®.


Policy Compliance Library Updates, March 2020

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The March release introduces 3 CIS Benchmark policies, 6 DISA STIG policies, and provides updates to several existing policies in the Qualys Content Library.

Qualys’ Certification Page at CIS has been updated.
