Cloud Computing

TMCnews Featured Article

February 16, 2011

Qualys Announces Security-as-a-Service Platform

By Rajani Baburajan, TMCnet Contributor

Qualys, a provider of on-demand IT security risk and compliance management solutions, announced its Security-as-a-Service platform to host the QualysGuard IT security and compliance Software-as-a-Service (SaaS (News - Alert)) suite of applications in the cloud.

The new Qualys security-as-a-service platform offers an integrated framework with new functionality in all Qualys (News - Alert) security and compliance applications. The integration benefits of the new platform will touch all security and compliance applications hosted by the platform, company officials said. With the new platform, users will get job management, modular services to ensure highest uptime and performance, dynamic analysis and reporting capability, and support for physical and virtual appliances – from Qualys or deployment by other cloud solution providers.

“This new backend and injection of open source technologies combined with the Web 2.0 front end has been in the making for over two years,” said Philippe Courtot, chairman and CEO for Qualys, in a statement. “Unlike with enterprise software, our SaaS implementation allows us to bring these new performance capabilities and major enhancements transparently to our existing users.”

The new Qualys platform is operational now for Malware Detection 1.0 and SECURE Seal 1.0. The platform will be in the Web Application Scanning (WAS) 2.0 Beta. Migration of QualysGuard Vulnerability Management (VM), Policy Compliance (PC) and PCI (News - Alert) Compliance solutions will be done in phases in 2011.

The new platform uses open source and commercial technologies such as Web 2.0 user interface (UI) and a Java-based backend infrastructure. The browser integrates with the platform’s backend via a standard JSON API and Web Services API.

The Web Services API provides the interface to all Qualys IT security and compliance applications. Platform services and engines include Reporting and Dashboard, Questionnaire and Collaboration, Remediation and Workflow, Correlation and Risk Calculation, and Alerts and Notification.

The platform’s data layer includes modules for Scan Management and Scheduling, Indexing and Tagging, and Data Management and Security.

In another related development reported on TMCnet, the company announced the integration of its QualysGuard Vulnerability Management with Trend Micro (News - Alert) Threat Intelligence and Trend Micro Deep Security to help customers more efficiently remediate threats and proactively plan their security strategies. 

Rajani Baburajan is a contributing editor for TMCnet. To read more of Rajani's articles, please visit her columnist page.

Edited by Jennifer Russell