S&P 600 Component
|Founder||Philippe Langlois and Gilles Samoun|
|Headquarters||Foster City, California, United States|
|Philippe Courtot, CEO and Chairman|
|Revenue||$197.9 million (2016)|
|$19.2 million (2016)|
Number of employees
|1001 (July 2018)|
Qualys, Inc. provides cloud security, compliance and related services and is based in Foster City, California. Founded in 1999, Qualys was the first company to deliver vulnerability management solutions as applications through the web using a "software as a service" (SaaS) model, and as of 2013 Gartner Group for the fifth time gave Qualys a "Strong Positive" rating for these services. It has added cloud-based compliance and web application security offerings.
Qualys has over 10,300 customers in more than 130 countries, including a majority of the Forbes Global 100. The company has strategic partnerships with major managed services providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).
Qualys was founded in 1999. The company launched QualysGuard in December 2000, making Qualys one of the first entrants in the vulnerability management market. The QualysGuard Intranet Scanner was released in 2002 to automatically scan corporate LANs for vulnerabilities and search for an available patch. The following year, Qualys released FreeMap, a web-based tool for scanning, mapping and identifying possible security holes within networks connected to the Internet.
In 2005, Qualys extended its QualysGuard product line. In 2008, Qualys introduced QualysGuard Policy Compliance, which extended the platform’s global scanning capabilities to collect IT compliance data across the organization and map this information into policies to document compliance for auditing purposes. Qualys also released a service for web application scanning named QualysGuard Web Application Scanning (WAS). In 2010, at the RSA Conference USA, Qualys announced QualysGuard Malware Detection Service, a new service designed to scan and identify malware on web sites. It also announced the Qualys SECURE Seal, which allows websites to show visitors that it has passed security scans.
In July 2010, Qualys announced Qualys BrowserCheck, a service for checking web browsers and plug-ins for security vulnerabilities. At RSA Conference 2011, Qualys launched a new open source web application firewall project, IronBee, led by Ivan Ristic, the creator of ModSecurity and a director of engineering at Qualys. At the RSA Conference in 2012, Qualys introduced updates to the QualysGuard Cloud Platform, which extended its capabilities to help customers improve the security of their IT systems and applications, further automate their compliance initiatives for IT-GRC, and provide online protection against cyber-attacks while reducing operational costs and increasing the efficiency of their security programs.
Qualys went public on NASDAQ with the symbol QLYS on September 28, 2012, raising net proceeds of $87.5 million. At the 2014 RSA Conference, Qualys announced general availability of its QualyGuard Web Application Firewall (WAF), which provides protection for websites running on Amazon EC2 and on-premises, as well as a new Continuous Monitoring solution and free Top 4 Security Controls service. In 2015, the company released 2.0 of its WAF software which included virtual patching and customizable event responses. That same year, Qualys also released an IT security and compliance solution called Cloud Agent Platform. In August 2015, the company released a free asset management service, Qualys AssetView, that allowed organizations to keep inventory of computers and their software.
In February 2016, Qualys released ThreatPROTECT, a vulnerability detection service for its cloud-based platform.The company received full certification for its Configuration Management Databases (CMDBs) App for ServiceNow, allowing the app to be integrated into ServiceNow's system in March 2016. In July 2016, it was announced that Qualys would integrate with Microsoft Azure Security Center. In August 2017, Qualys acquired the network analysis assets from Nevis Networks for an undisclosed sum. In December 2017, Qualys announced its acquisition of NetWatcher, a network security company.
In 2010, Inc. magazine ranked Qualys within 5000 fastest growing private companies in the USA based on 104% revenue growth from 2006 to 2009. In 2012 Silicon Valley/San Jose Business Journal has recognized Qualys as one of the largest private companies in Silicon Valley – ranking 26th in a list of 51.
In November 2014, Qualys received the 2014 Security Reader's Choice Awards for Best Risk and Policy Compliance Solution, Best Application Security Product, and Best Vulnerability.
In 2017 Frost & Sullivan Recognizes Qualys with 2017 Global Vulnerability Management Market Leadership Award.
Qualys Honored by Cyber Defense Magazine as a 2017 Cyber Security Leader.
- "Qualys Inc". Google Finance. Retrieved 30 October 2017.
- https://www.linkedin.com/company/qualys/. Retrieved 8 February 2017. Missing or empty
- Meghan Kelly (28 September 2012). "Cloud security company Qualys up 18 percent on IPO after the markets close". VentureBeat. Retrieved 1 May 2014.
- "Vendor Product/Service Analysis". Gartner. Retrieved 18 May 2014.
- Enterprise Cloud Security Firm Qualys Files For $100 Million IPO | TechCrunch
- "Qualys Earns Highest Rating Possible of "Strong Positive" for Fifth Time in Gartner's MarketScope for Vulnerability Assessment". Qualys. 17 September 2013. Retrieved 18 December 2016.
- "Customer stories". Qualys, Inc. Retrieved 10 July 2018.
- Find a Partner | Qualys, Inc
- About : Cloud Security Alliance
- "Qualys Introduces Cloud Continuous Monitoring". Diversity. Retrieved 18 May 2014.
- Cloud Security Vendor Qualys Ready for IPO | Sramana Mitra
- Marin Courtney (30 September 2002). "Tool scours networks for threats". Network Week.
- David M. Ewalt (26 May 2003). "Free Network Check". Information Week.
- "Qualys Adds Security and Regulatory Policy Compliance to SaaS Offering". The Windows Observer. Archived from the original on 13 March 2013. Retrieved 18 May 2014.
- Psst, Mister, Scan Your Site for Malware – For Free? | Maureen O'Gara
- Qualys to offer free domain scanning and security assurance seals
- Infosecurity - Free web browser and plug-in security service launched
- IronBee Open Source WAF Project Launches - eSecurity Planet
- "Forensics and Incident Response". www.peerlyst.com. Retrieved 23 May 2016.
- RSA 2012: Qualys Updates Cloud Platform, Launches Web Application Firewall Service | Security Blog Archived 2012-06-21 at the Wayback Machine.
- Ingrid Lunden (28 September 2012). "Cloud Security Firm Qualys' IPO Opens At $12/Share, Raising $71.8M". TechCrunch. Retrieved 1 May 2014.
- "RSA news round-up". IT Security Guru. Retrieved 18 May 2014.
- Jackson, Joab (23 April 2015). "Qualys Devises a Virtual Patch to Protect Against Vulnerabilities". Computerworld. Retrieved 18 December 2016.
- Kovacs, Eduard (21 April 2015). "Qualys Web Application Firewall 2.0 Brings Virtual Patching, Event Response". Security Week. Retrieved 18 December 2016.
- Barker, Ian. "New Cloud Agent Brings Enterprises Greater Security and Asset Control". BetaNews. Retrieved 18 December 2016.
- Jackson, Joab (6 August 2016). "Qualys Offers Free IT Asset Management Service for Enterprises". Computerworld. Retrieved 18 December 2016.
- Vizard, Mike (5 August 2016). "Qualys Unfurls Free Asset Inventory Service in the Cloud". IT Business Edge. Retrieved 18 December 2016.
- Barker, Ian (29 February 2016). "New Service Help sOrganizations Visualize and Prioritize Security Threats". BetaNews. Retrieved 18 December 2016.
- VanDervoort, Oliver (7 March 2016). "Qualys App for ServiceNow CMDB Gets Certification". Enterprise Cloud. Retrieved 18 December 2016.
- Mackie, Kurt (21 July 2016). "MIcrosoft Azure Security Center Goes Live". Redmond Magazine. Retrieved 18 December 2016.
- "Qualys to Acquire Assets of Nevis Networks". Dark Reading. 1 August 2017.
- "Brief-Qualys Announces Agreement to Acquire Assets of Nevis Networks". Reuters. 1 August 2017.
- Charlie Osborne (December 1, 2017). "Qualys snaps up NetWatcher security assets". ZD Net. Retrieved December 9, 2017.
- Michael Novinson (November 29, 2017). "Qualys To Buy Threat Detection Startup NetWatcher To Strengthen Ties With MSSPs". CRN. Retrieved December 9, 2017.
- "Awards". Retrieved 18 May 2014.
- "The Sponsors" (PDF). SC Magazine. Retrieved 18 May 2014.
- "Results 2014". SC Magazine Awards 2014 Europe. Archived from the original on 21 May 2014. Retrieved 18 May 2014.
- The 2010 Inc. 5000 List - JurInnov through Busey Group | Inc.com
- Qualys Ranks 26th in Silicon Valley/San Jose Business Journal’s Largest Private … | Qualys, Inc
- Silicon Valley Business Journal - 2012-08-03 digital edition
- "Qualys Earns Highest Rating Possible of "Strong Positive" for Fifth Time in Gartner's MarketScope for Vulnerability Assessment". Marketwired. Retrieved 18 May 2014.
- "2014 Information Security Readers' Choice Winners". TechTarget. Retrieved 29 March 2015.
- "SANS Best of Awards". SANS Institute. Retrieved 27 September 2016.
- Inc., Qualys,. "Frost & Sullivan Recognizes Qualys with 2017 Global Vulnerability Management Market Leadership Award". www.prnewswire.com. Retrieved 2018-02-15.
- "Cyber Security Leaders 2017 – Cyber Defense Magazine". www.cyberdefensemagazine.com. Retrieved 2018-02-15.
- Official website
- Qualys SSL Labs Vulnerability Scanner
- Hoge, Patrick (December 19, 2008). "Friday, December 19, 2008 Network security firm Qualys floats to top of cloud computing Redwood City company to do $50M". San Francisco Business Times. Retrieved 10 January 2010.
- Hines, Matt (October 16, 2007). "Core, Qualys to enter Web apps scanning market". InfoWorld. Retrieved 10 January 2010.
- Rash, Wayne (December 9, 2002). "Inside information - QualysGuard service strengthened with an intranet scanner appliance.(Qualisguard Intranet Scanner Applicance)(Hardware Review) (Product/Service Evaluation)". InfoWorld. Retrieved 10 January 2010.
- "Qualys Updates Network Security Auditing Security audits are automated and unalterable, describing when the audit was performed, what vulnerabilities were uncovered, how to fix them, when they were assigned and to whom, and when repairs were successfully implemented". Internet Week. April 16, 2003. Retrieved 10 January 2010.