Browse by Year:

CIO Review >> Magazine >> October - 2016 issue

Qualys: Standing out with Broad, Integrated Cloud Platform in the Fragmented Infosec Market


The enterprise information security market is crowded with noisy vendors, including legacy companies peddling outdated software and startups hawking niche solutions. This jumbled landscape vexes CISOs. However, with its scalable and flexible cloud architecture, Qualys stands apart, offering CISOs the value, transparency and results they’re seeking. The Qualys cloud platform’s suite of 10 integrated solutions for IT security and compliance gives customers seamless, broad and comprehensive visibility and intelligence into all of their IT environment’s assets on premises, in the cloud and at mobile endpoints. To assemble this set of services, an organization would have to acquire and manually integrate point solutions from multiple vendors.

“Organizations want to consolidate their security vendors, and we’re well positioned in that respect. With the breadth of our offerings, we give customers more and better functionality at a lower cost of ownership via a single SaaS platform we host and maintain,” says Sumedh Thakar, Chief Product Officer, Qualys.

Qualys’ Vulnerability Management along with its companion Asset View services give customers a continuous global view of the IT assets and respective vulnerabilities, while its new ThreatPROTECT helps organizations quickly prioritize remediation. Also, Qualys has expanded its platform beyond VM. Web Application Scanning lets customers discover, catalog and scan all their web apps to detect website misconfigurations and vulnerabilities, including cross-site scripting (XSS) and SQL injection. Meanwhile, Security Assessment Questionnaire automates and simplifies auditing of supply chain partners and other third parties. To broaden its monitoring methods, Qualys launched its Cloud Agent platform, whose lightweight software agents install on a broad variety of assets, letting Qualys detect changes and assess their security and compliance status.

Solution for the new perimeter-less world

“Web applications and other technologies have created a perimeter-less world for IT environments,” says Thakar. Network endpoints, previously limited to office-bound desktop PCs, now include mobile devices, web apps, IoT sensors, wearables and cloud instances.

CISOs know that to prevent breaches, their organizations must quickly and constantly collect and analyze enormous amounts of network and IT asset data from a perimeter whose boundaries have been blurred. Complexity has grown, as has the speed with which attacks are launched. This is where legacy on-premises enterprise security software falls short. The scalability the Qualys Cloud Platform provides to identify all IT assets and vulnerabilities, and plan remediation quickly and continuously is what organizations seek. The platform is used by 8,800 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100.

In a market primed for consolidation, as many vendors fight obsolescence and struggle financially, Qualys has leading technology and a growing business. The industry has finally come Qualys’ way and realized cloud security software is more affordable, easier to manage and altogether superior.