Choose language:
Pratite nas:

Qualys

"QualysGuard" is part of INFIGO IS product portfolio related to vulnerability management and security compliance. As experienced information security company, INFIGO IS offers to its clients professional services and support in the area of vulnerability management together with our partner Qualys.


Qualys Cloud Platform overview

The Qualys Cloud Platform, also known as QualysGuard, consists of an integrated suite of solutions to help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications.

Qualys Cloud Platform is delivered via a multi-tenant shared cloud service or a private cloud, the Qualys Cloud Platform is the first security platform that provides you with continuous security and allows you to monitor, detect and protect your global network – from the perimeter to the core.

Qualys sensors, a core service of the Qualys Cloud Platform, make it easy to extend your security throughout your global enterprise. These sensors, which can be in the form of appliances or lightweight agents, are remotely deployable, centrally managed, and self-updating. They collect the data and automatically beam it up to the Qualys Cloud Platform, which has the computing power to continuously analyse and correlate the information to help you identify threats and eliminate vulnerabilities.

Qualys Internet Scanners

Internet Scanners provide fast and efficient external scanning including vulnerability scanning, compliance scanning and web application scanning. In this manner, Qualys scans and processes security audits in parallel for optimum speed of operations. The inference-based scanning engine employs an untrusted approach for accurate results, maximal coverage, and scalable performance.

Qualys Scanner Appliances

Scanner Appliances are hardware appliance versions of the Internet Scanners that bring Qualys' assessment capabilities to customers' internal networks. Installed in minutes and requiring no maintenance by the user, the hardened Linux appliance needs no special firewall configurations to obtain updates and new vulnerability signatures and perform scan jobs, returning results securely over a standard SSL-encrypted channel.

Qualys Virtual Scanners Appliances

Virtual Scanner Appliances are software-only scanner appliances that customers can deploy on their own internal infrastructure for maximum deployment flexibility. Virtual scanners are supported on many of the most common virtualization and cloud platforms including VMware, Amazon EC2, Microsoft Azure and Google Cloud. Like with the hardware-based scanners, customers can manage the virtual scanners from their Qualys accounts via a secure web interface, where all gathered scan data will be available for reporting and remediation. Installed in minutes and requiring no maintenance by the user, virtual scanner appliances needs no special configurations to obtain updates and new vulnerability signatures.

Qualys Cloud Agents

Cloud Agents provide an entirely new security assessment platform that can scale to handle millions of devices. These lightweight agents (3MB) can be installed anywhere — including any host such as a laptop, desktop, server or virtual machine. Qualys Cloud Agents extract and consolidate vulnerability and compliance data and update it continuously within the Qualys Cloud Platform for further analysis and correlation, thus providing a continuous view of the security compliance posture of the global network.

Qualys Suite

Built on top of Qualys' Infrastructure and Core Services, the Qualys Suite incorporates the following applications, all of which are delivered via the cloud; there is no new software to deploy or infrastructure to maintain. Each application leverages the same scan data.

Asset View

Is a free, cloud-based asset inventory service that lets you see and search millions of global IT assets, whether on premises, in the cloud or on mobile. Find devices, OSes, applications, services, ports, certificates, and any endpoints that might be added to your network, in seconds. Upgrade for continuous security and compliance at any time.

Vulnerability management

Automates the lifecycle of network auditing and vulnerability management across your global business. Gives you visibility into IT systems across your network, how they might be vulnerable to the latest Internet threats, and how to protect them.

Continious Monitoring

Delivers a comprehensive, always-on view of potential security holes enabling organizations to immediately identify and proactively address potential threats before they turn into breaches. Allows you to catch unexpected hosts, expiring SSL certificates, open ports, severe vulnerabilities, and undesired applications. Helps organizations identify the highest priority issues to enable fast and efficient mitigation and remediation.

ThreatPROTECT

Helps organizations visualize and prioritize their security threats at a glance. Correlates data from vulnerability scans and active threat data from multiple sources into a single dynamic dashboard to provide a holistic and contextual view of an organization’s threat exposure. Customers can act to minimize exposure from vulnerabilities related to the threats that matter most.

Policy Compliance

Helps organizations pass security audits and document compliance tied to corporate security policies, laws, and industry regulations, supporting the requirements of both internal and external auditors. Audits the configurations of your computers to see if they are enforcing password controls and other compliance policies.

Security Assessment Questionnaire

Centralizes and automates the gathering of risk data and compliance evidence from employees, partners, vendors, and other subject matter experts. Frees organizations from manual, labor-intensive approaches (such as email and spreadsheets) so that all phases of their assessment programs can be managed efficiently and reliably online.

PCI DSS Compliance

Provides small and medium-sized businesses with enterprise-level scanning and reporting that’s easy to implement and maintain. Enables large corporations to meet PCI compliance requirements for data protection on a global scale.

Web application scanner

Automatically discovers and catalogues all your web applications and continuously performs comprehensive, accurate scans to uncover critical vulnerabilities such as SQL injection, Cross-Site Scripting, and website misconfigurations. It then automatically notifies the Qualys Web Application Firewall to deploy virtual patches so you can stop web attacks and prevent data breaches.

Web application firewall

Allows organizations to monitor all web pages visited by users and automatically share this information back to Qualys WAS to ensure that no page is missed. By tightly integrating the scan and the firewall, you can quickly block attacks on web app vulnerabilities, prevent disclosure of sensitive information, and control where and when your applications are accessed.

Malware detection

Is a free service that proactively scans websites of any size, anywhere in the world, for malware infections and other threats, sending alerts to website owners. The enterprise edition with advanced reporting and notification options enables businesses to scan and manage many sites, preventing website black listing and brand reputation damage.

Secure SEAL

Enables online businesses of all sizes to scan their websites for the presence of malware, network, and application vulnerabilities, as well as SSL certificate validation. Once a website passes all four security scans, the service generates a Qualys SECURE seal for the merchant to display on their website, demonstrating to visitors that the company is committed to security.