It is a very good product in terms of ease of deployment and management and I have personally implemented the solution at a financial institution.
The latest release of ThreatProtect is a cloud-based service that correlates external threat data against an organization’s internal vulnerabilities & lets IT pros automatically prioritize remediation work, such as patch deployment & risk mitigation.The dashboard displays entire threat posture at a glance and provides stats such as assets with active zero-day vulnerabilities.The release of our Cloud agent allows organizations to continuously monitor their systems for vulnerabilities and compliance violations in real-time with active alerts.
Current in beta is IOC,FIM and the new release of WAF 2.0 and WAS 2.0.
Qualys is continuously improving their products which speaks to the Cyber Security Framework of continuous monitoring
We’re excited to share with you the first preview of our next-generation grading. This is something that’s long overdue but, due to lack of available time, we managed to keep up patching the first-generation grading to keep up with the times. Now, finally, we’re taking the next necessary steps to modernise how we grade servers based on our assessments.
Before I show you the new version of the grading, I’d like to explain what we’re set out to achieve:
Qualys compiles and continuously updates a complete IT asset inventory to give you instant visibility across your entire IT environment — on premises, on endpoints and in the clouds. AssetView, the platform’s central “single pane of glass” interface, is fully customizable and lets customers see all their IT security and compliance data, drill down into details, generate reports and search for any asset.
The platform’s suite of more than 10 integrated, self-updating cloud apps serve the needs of all your security and compliance teams, such as those in charge of on-premises IT operations, web apps, DevSecOps, cloud services and endpoints.
The platform’s consolidated functionality includes vulnerability management, continuous monitoring, patching prioritization, indication of compromise, web app security, policy compliance, file integrity monitoring, container security, vendor risk assessments and passive network analysis.
More than 12 years
Asset Classification, Risk analysis,ThreatProtect, Cloud Agent, Patch management,Security Assessment Questionnaire (SAQ),Indicators of Compromise(IOC),File Integrity Monitoring and Activity(FIM/FIA)
We had no way of knowing what vulnerabilities was in our estate. By implementing the vulnerability solution allowed us to prioritize remediation efforts.
Reporting and Dashboard
None, it's very simple.
None , if we needed additional scanning capability we added an additional device into the network.
Yes, I evaluated McAfee Foundstone
It was straightforward, once the appliance was allocated an IP address and configured the gateway the device was ready to start scanning.
This product is very easy to manage with no hardware management overhead, ie patching etc. Qualys is a subscription based model, you pay per IP address and the appliance is owned by the vendor. If the device is faulty they swap it out.