Qualys: Difference between revisions

Qualys, Inc.

Company type	Public
Traded as	Nasdaq: QLYS
Industry	Security
Founded	1999
Founder	Philippe Langlois and Gilles Samoun
Headquarters	Redwood Shores, California , United States
Area served	Global
Key people	Philippe Courtot, CEO and Chairman
Services	Vulnerability management Web application scanning Web application firewall Policy compliance PCI compliance
Revenue	107.9 million[1]
Net income	$1.6 million[1]
Number of employees	406[1]
Website	qualys.com

Qualys, Inc. is a provider of cloud security, compliance and related services for small and medium-sized businesses and large corporations based in Redwood Shores, California.^[2][3] Founded in 1999,^[4] Qualys was the first company to deliver vulnerability management solutions as applications through the web using a "software as a service" (SaaS) model, and as of 2013 Gartner Group for the fifth time gave Qualys a "Strong Positive" rating for these services.^[5] It has added cloud-based compliance and web application security offerings.

Qualys has over 6,700 customers in more than 100 countries, including a majority of the Forbes Global 100.^[6][1] The company has strategic partnerships with major managed services providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro.^[7] The company is also a founding member of the Cloud Security Alliance (CSA).^[8][9]

History

Qualys was founded in 1999. The company launched QualysGuard in December 2000, making Qualys one of the first entrants in the vulnerability management market.^[10] The QualysGuard Intranet Scanner was released in 2002 to automatically scan corporate LANs for vulnerabilities and search for an available patch.^[11] The following year, Qualys released FreeMap, a web-based tool for scanning, mapping and identifying possible security holes within networks connected to the Internet.^[12]

In 2005, Qualys extended its QualysGuard product line. In 2008, Qualys introduced QualysGuard Policy Compliance, which extended the platform’s global scanning capabilities to collect IT compliance data across the organization and map this information into policies to document compliance for auditing purposes.^[13] Qualys also released a service for web application scanning named QualysGuard Web Application Scanning (WAS). In 2010, at the RSA Conference USA, Qualys announced QualysGuard Malware Detection Service, a new service designed to scan and identify malware on web sites.^[14] It also announced the Qualys SECURE Seal, which allows websites to show visitors that it has passed security scans.^[15]

In July 2010, Qualys announced Qualys BrowserCheck, a service for checking web browsers and plug-ins for security vulnerabilities.^[16] At RSA Conference 2011, Qualys launched a new open source web application firewall project, IronBee,^[17] led by Ivan Ristic, the creator of ModSecurity and a director of engineering at Qualys. At the RSA Conference in 2012, Qualys introduced updates to the QualysGuard Cloud Platform, which extended its capabilities to help customers improve the security of their IT systems and applications, further automate their compliance initiatives for IT-GRC, and provide online protection against cyber-attacks while reducing operational costs and increasing the efficiency of their security programs.^[18]

Qualys went public on NASDAQ with the symbol QLYS on September 28, 2012, raising net proceeds of $87.5 million.^[2][19] At the 2014 RSA Conference, Qualys announced general availability of its QualyGuard Web Application Firewall (WAF), which provides protection for websites running on Amazon EC2 and on-premise, as well as a new Continuous Monitoring solution and free Top 4 Security Controls service.^[9][20]

On April 7, 2014, the OpenSSL security bug, Heartbleed, was publicly disclosed. The following day, Qualys released a detection for Heartbleed through its Qualys SSL Labs and QualysGuard Vulnerability Management (VM).^[21][22]

Awards

SC Magazine has awarded Qualys for its security software solutions every year from 2004-2014.^[23][24] SC Magazine also awarded Qualys "Best Security Company" in 2014.^[25] However, it should be noted that Maurice Hampton, director, field operations at Qualys, sits on SC Magazine's editorial advisory board.^[26]

In 2010, Inc. magazine ranked Qualys within 5000 fastest growing private companies in the USA based on 104% revenue growth from 2006 to 2009.^[27] In 2012 Silicon Valley/San Jose Business Journal has recognized Qualys as one of the largest private companies in Silicon Valley – ranking 26th in a list of 51.^[28][29][30]

See also

• Lumension
• McAfee

References

1. "QLYS-2013 10-K". United Securities and Exchange Commission. Retrieved 1 May 2014.
2. Meghan Kelly (28 September 2012). "Cloud security company Qualys up 18 percent on IPO after the markets close". VentureBeat. Retrieved 1 May 2014. {{cite web}}: Italic or bold markup not allowed in: |publisher= (help)
3. "Vendor Product/Service Analysis". Gartner. Retrieved 18 May 2014.
4. Enterprise Cloud Security Firm Qualys Files For $100 Million IPO | TechCrunch
5. New Forrester Wave Evaluation: Vulnerability Management Products | Forrester Blogs
6. http://www.sec.gov/Archives/edgar/data/1107843/000119312512265366/d355355ds1.htm
7. Find a Partner | Qualys, Inc
8. About : Cloud Security Alliance
9. "Qualys Introduces Cloud Continuous Monitoring". Diversity. Retrieved 18 May 2014.
10. Cloud Security Vendor Qualys Ready for IPO | Sramana Mitra
11. Marin Courtney (30 September 2002). "Tool scours networks for threats". Network Week.
12. David M. Ewalt (26 May 2003). "Free Network Check". Information Week. {{cite news}}: Cite has empty unknown parameter: |1= (help)
13. "Qualys Adds Security and Regulatory Policy Compliance to SaaS Offering". The Windows Observer. Retrieved 18 May 2014.
14. Psst, Mister, Scan Your Site for Malware – For Free? | Maureen O'Gara
15. Qualys to offer free domain scanning and security assurance seals
16. Infosecurity - Free web browser and plug-in security service launched
17. IronBee Open Source WAF Project Launches - eSecurity Planet
18. RSA 2012: Qualys Updates Cloud Platform, Launches Web Application Firewall Service | Security Blog
19. Ingrid Lunden (28 September 2012). "Cloud Security Firm Qualys' IPO Opens At $12/Share, Raising $71.8M". TechCrunch. Retrieved 1 May 2014. {{cite web}}: Italic or bold markup not allowed in: |publisher= (help)
20. "RSA news round-up". IT Security Guru. Retrieved 18 May 2014.
21. "Qualys Releases Detection for HeartBleed OpenSSL Vulnerability". Marketwired. Retrieved 18 May 2014.
22. "How to check if your favorite websites are vulnerable to the Heartbleed bug". Digital Trends. Retrieved 18 May 2014.
23. "Awards". Retrieved 18 May 2014.
24. "The Sponsors" (PDF). SC Magazine. Retrieved 18 May 2014. {{cite web}}: Italic or bold markup not allowed in: |publisher= (help)
25. "Results 2014". SC Magazine Awards 2014 Europe. Retrieved 18 May 2014. {{cite web}}: Italic or bold markup not allowed in: |publisher= (help)
26. "Editorial Advisory Board - SC Magazine". Retrieved 27 March 2015.
27. The 2010 Inc. 5000 List - JurInnov through Busey Group | Inc.com
28. Qualys Ranks 26th in Silicon Valley/San Jose Business Journal’s Largest Private … | Qualys, Inc
29. Silicon Valley Business Journal - 2012-08-03 digital edition
30. "Qualys Earns Highest Rating Possible of "Strong Positive" for Fifth Time in Gartner's MarketScope for Vulnerability Assessment". Marketwired. Retrieved 18 May 2014.

External links

• Qualys web site
• Hoge, Patrick (December 19, 2008). "Friday, December 19, 2008 Network security firm Qualys floats to top of cloud computing Redwood City company to do $50M". San Francisco Business Times. Retrieved 10 January 2010.
• Hines, Matt (October 16, 2007). "Core, Qualys to enter Web apps scanning market". InfoWorld. Retrieved 10 January 2010.
• Rash, Wayne (December 9, 2002). "Inside information - QualysGuard service strengthened with an intranet scanner appliance.(Qualisguard Intranet Scanner Applicance)(Hardware Review) (Product/Service Evaluation)". InfoWorld. Retrieved 10 January 2010.
• "Qualys Updates Network Security Auditing Security audits are automated and unalterable, describing when the audit was performed, what vulnerabilities were uncovered, how to fix them, when they were assigned and to whom, and when repairs were successfully implemented". Internet Week. April 16, 2003. Retrieved 10 January 2010.