From Wikipedia, the free encyclopedia
Jump to: navigation, search
Qualys, Inc.
Type Public
Industry Security
Founded 1999
Founder(s) Philippe Langlois and Gilles Samoun
Headquarters Redwood Shores, CA, United States
Area served Global
Key people Philippe Courtot
Services QualysGuard IT Security and Compliance Suite, QualysGuard Vulnerability Management, QualysGuard Policy Compliance, QualysGuard PCI Compliance, QualysGuard Web Application Scanning, QualysGuard Web Application Firewall, QualysGuard Malware Detection Service, Qualys BrowserCheck
Revenue 76 million[1]
Employees 310[1]
Website qualys.com

Qualys, Inc. is a provider of cloud security, legal compliance and related software based in Redwood Shores, California. Founded in 1999,[2] Qualys was the first company to deliver vulnerability management solutions as applications through the web using a "software as a service" (SaaS) model, and as of 2012 the company is considered to have remained the market leader for such products.[3][4] Qualys claims more than 5,800 customers in more than 100 countries, including 51 of the Forbes Global 100.[5] The company has strategic partnerships with major managed service providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro.[6] The company is also a founding member of the Cloud Security Alliance (CSA).[7]


Qualys was founded in 1999 at the height of the dot com boom, when Internet security was beginning to appear on executive agendas. The company launched QualysGuard in December 2000, making Qualys one of the first entrants in the vulnerability management market.[8]

In 2005, Qualys extended its QualysGuard product line.[9] Qualys' move into IT compliance management has particularly benefited the company’s client base in such heavily regulated industries as financial services, retail, manufacturing, government and health care. In 2008, Qualys introduced QualysGuard Policy Compliance; which extended the platform’s global scanning capabilities to collect IT compliance data across the organization and map this information into policies to document compliance for auditing purposes.[10]

Qualys also released a service for web application scanning named QualysGuard Web Application Scanning (WAS). In 2010 at RSA Conference USA, Qualys¬Guard announced a new service helping to scan and identify malware on web sites, called QualysGuard Malware Detection Service,.[11][12] It also announced the Qualys SECURE Seal, to help web sites show its visitors that its site has passed security scans.[13]

In July 2010, Qualys announced a new free service for checking web browsers and plug-ins for security vulnerabilities, Qualys BrowserCheck.[14]

At RSA Conference 2011, Qualys launched a new open source web application firewall project, IronBee,[15] led by Ivan Ristic, the creator of Mod Security. At the RSA Conference in 2012, Qualys introduced new services and major technological innovations to the QualysGuard Cloud Platform extending its capabilities to help customers improve the security of their IT systems and applications, further automate their compliance initiatives for IT-GRC, and provide online protection against cyber attacks while reducing operational costs and increasing the efficiency of their security programs. It also announced the beta of its new cloud web application firewall, the QualysGuard Web Application Firewall.[16][17]

On June 8, 2012, Qualys announced that it filed a registration statement on Form S-1 with the Securities and Exchange Commission relating to a proposed initial public offering of shares of its common stock.[5]


The company's flagship product line, the QualysGuard Security and Compliance Suite, uses the software-as-a-service (SaaS) model. It is available as an Enterprise Edition for large, distributed organizations, and as an Express Edition for small to mid-sized businesses. It is made up of these products:

  • QualysGuard Vulnerability Management – globally deployable, scalable security risk and vulnerability management
  • QualysGuard Policy Compliance – defines, audits and documents for full IT security compliance
  • QualysGuard PCI Compliance – automated PCI compliance validation for merchants and acquiring institutions
  • QualysGuard Web Application Security – scalable, automated web application security assessment and reporting
  • Free QualysGuard Malware Detection – performs daily scans of web sites and alerts web site owners of any malware issues
  • Qualys SECURE Seal – allows businesses to scan web sites for presence of malware, network and web application vulnerabilities, as well as SSL certificate validation, and place a "Qualys SECURE" seal on their sites when secure
  • Free Qualys BrowserCheck – free service allowing anyone to scan their browser and ensure their browsers and plug-ins are secure and up-to-date.

In addition to the main suite, Qualys also offers:

  • Qualys' Vulnerability R&D Lab conducts a monthly, second-Tuesday videocast to discuss the vulnerabilities and threats present in Microsoft Windows.[18]
  • SSL Labs - page with resources and free tools for assessing use of SSL[19]
  • IronBee - open source project to build a universal web application firewall sensor in the cloud through collective efforts of the community.[20]
  • Slow HTTP Test, a free, open-source and highly configurable application that mimics some Application Layer Denial of Service attacks, was released in August 2011[21] and the tool is available on Softpedia's database of software programs for Mac OS.[22]

Company profile[edit]

2011 revenue was $76 million; the number of employees: 310.[23] Qualys states that over 5,800 corporations use its products, including prominent worldwide organizations as well as small and medium-sized businesses in various industries.[5][24] In 2010, Inc. magazine ranked Qualys within 5000 fastest growing private companies in the USA based on 104% revenue growth from 2006 to 2009.[25] In 2012 Silicon Valley/San Jose Business Journal has recognized Qualys as one of the largest private companies in Silicon Valley – ranking 26th in a list of 51.[26][27]

Venture capital firms and companies that have invested in Qualys include ABS Ventures, GRP Partners, HP, Trident Capital and VeriSign.[3]

See also[edit]

HP, Lumension, McAfee, nCircle, N-Stalker, Rapid7,


  1. ^ a b http://www.networkworld.com/cgi-bin/mailto/x.cgi?pagetosend=/news/2012/022112-qualys-ipo-256396.html&pagename=/news/2012/022112-qualys-ipo-256396.html&pageurl=http://www.networkworld.com/news/2012/022112-qualys-ipo-256396.html&site=printpage&nsdr=n
  2. ^ Enterprise Cloud Security Firm Qualys Files For $100 Million IPO | TechCrunch
  3. ^ New Forrester Wave Evaluation: Vulnerability Management Products | Forrester Blogs
  4. ^ MarketScope for Vulnerability Assessment
  5. ^ a b c http://www.sec.gov/Archives/edgar/data/1107843/000119312512265366/d355355ds1.htm
  6. ^ Find a Partner | Qualys, Inc
  7. ^ About : Cloud Security Alliance
  8. ^ Cloud Security Vendor Qualys Ready for IPO | Sramana Mitra
  9. ^ Qualys Introduces Policy Compliance to Widely Adopted On Demand Vulnerability Ma… | Qualys, Inc
  10. ^ Qualys Delivers First Integrated SaaS Solution for Security and Compliance | Qualys, Inc
  11. ^ Psst, Mister, Scan Your Site for Malware – For Free? | Maureen O'Gara
  12. ^ Business Technology News, Analysis and Context | ITBusinessEdge.com
  13. ^ Qualys to offer free domain scanning and security assurance seals
  14. ^ Infosecurity - Free web browser and plug-in security service launched
  15. ^ IronBee Open Source WAF Project Launches - eSecurity Planet
  16. ^ RSA 2012: Qualys Updates Cloud Platform, Launches Web Application Firewall Service | Security Blog
  17. ^ QualysGuard Web Application Firewall (WAF)
  18. ^ Laws.Qualys.com, The Laws of Vulnerabilities
  19. ^ [1], SSL Labs
  20. ^ [2], IronBee
  21. ^ Researcher To Release Free 'Slow HTTP Attack' Tool - Dark Reading
  22. ^ Download SlowHTTPTest for Mac Free
  23. ^ "Valley's fastest growing companies honored". 14 October 2010. 
  24. ^ Qualys.com, Customers
  25. ^ The 2010 Inc. 5000 List - JurInnov through Busey Group | Inc.com
  26. ^ Qualys Ranks 26th in Silicon Valley/San Jose Business Journal’s Largest Private … | Qualys, Inc
  27. ^ Silicon Valley Business Journal - 2012-08-03 digital edition

External links[edit]