What Qualys Does
Qualys is an award-winning solution that provides critical security intelligence on demand. It automates the full spectrum of auditing, compliance, and protection for Internet perimeter systems, internal networks, and web applications. The platform offers a global view of an organization’s security and compliance posture, making it suitable for organizations of all sizes, including Fortune 500 and Forbes Global 2000 companies, as well as small to medium businesses and managed service providers.
Key Features and Functionality
Vulnerability Management
Qualys Vulnerability Management (VM) continuously scans and identifies vulnerabilities with high accuracy (Six Sigma 99.99966%), protecting IT assets on premises, in the cloud, and on mobile endpoints. It provides immediate, global visibility into potential vulnerabilities and offers recommendations for patches and remediation.
Asset Detection and Inventory
The platform includes robust asset detection capabilities, allowing organizations to inventory all managed and unmanaged assets, including hardware, software, IT, and IoT assets. It tags and categorizes critically vulnerable assets and continuously monitors them for new vulnerabilities.
Continuous Monitoring
Qualys Continuous Monitoring (CM) is a next-generation service that identifies threats and unexpected changes in the Internet perimeter in real-time. It tracks changes in Internet-facing devices and notifies IT staff promptly, enabling proactive action against potential breaches.
Cloud Platform and Sensors
The Qualys Cloud Platform is powered by cloud agents, virtual scanners, and network analysis capabilities. It includes physical, virtual, and cloud-based scanner appliances, as well as lightweight cloud agents that install locally on host assets to collect and analyze data. These sensors provide continuous visibility into all IT assets without the need for scan windows, credentials, or firewall changes.
Incident Response and Remediation
Qualys streamlines incident response by correlating vulnerabilities and patches for specific hosts. It automates the deployment of available patches, which is particularly beneficial in fast-paced DevOps environments. The platform also protects and patches containers in Container-as-a-Service environments.
Compliance and Reporting
Qualys generates custom, role-based reports for multiple stakeholders, including automatic security documentation for compliance auditors. It supports various compliance standards such as PCI, HIPAA, and more, and provides a centralized administrative panel for managing vulnerabilities and patches.
User Interface and Customization
The platform features a clean, interactive, and customizable user interface. The latest updates include a redesigned home page, customizable dashboards, and enhanced support for Qualys Query Language (QQL) for complex searches. The interface allows users to mix and match widgets from various modules to gain holistic insights and create a personalized workspace.
Scalability and Accessibility
Qualys is highly scalable and can be accessed 24x7x365 from any web browser. It maintains 99% availability and is updated transparently without interrupting user services. The platform scales with the growth of an organization’s network, allowing easy addition or removal of IP addresses as needed.
In summary, Qualys is a robust, cloud-based security and compliance solution that offers comprehensive vulnerability management, continuous monitoring, asset detection, automated remediation, and compliance reporting, all integrated into a scalable and user-friendly platform.