
Post on 29-Aug-2018


Introduction to QualysGuard IT Risk SaaS Services

Marek Skalicky, CISM, CRISC

Regional Account Manager for Central & Adriatic Eastern Europe

Qualys at a Glance

Software-as-a-Service (SaaS)

Founded in 1999 to deliver a SaaS VM

Expanded the service as a suite of SaaS Security and Compliance offerings

Last round of funding in 2004

300 employees (50% R&D and Operations)

5600+ global customers

50% of Fortune 100

34% of Fortune 500

18% Forbes Global 2000

US 65%, EMEA 30%, Asia 5%

9,000+ scanner appliances in 85 countries

600+ million IP scans in 2011

Highest possible rating of “Strong Positive”

Largest market share

Highest possible rating of “Leader”

“The leading vendor”

“Market Share Leadership”


Global Market Adoption

Insurance

Chemical

Internet

Retail

Technology

Consulting

Financial

Services

Global Market Adoption – continued

Media

Energy

Consumer

Healthcare

Manufacturing

Education

Transportation

Public Sector

A Unified and Continuous View of ICT Security, Risks and Compliance


Device & Application Security

The QualysGuard Cloud Platform and suite of integrated applications allows enterprises to discover and catalog all IT assets, and provides them with a continuous view of their security and compliance posture on a global scale.

Benefits

Fully automated continuous asset discovery, security & compliance assessments.

Up-to-date security intelligence with no software to install and maintain.


IT-GRC Automation

The QualysGuard Cloud Platform and suite of integrated applications automates the collection of security and compliance data with customizable policies, questionnaires and workflows, helping organizations to automate and expedite compliance.

Benefits

Automated & agent-less compliance auditing supporting multiple regulatory mandates.

Customizable questionnaires and business workflows to evaluate controls, gather evidence & validate compliance.

Seamless integration with enterprise GRC solutions.

QualysGuard® SaaS Applications

QualysGuard SaaS Technology Platform

Scanners & Collectors Open APIs, Web Services & Integrations

Enterprise SMB Freemium Services

QualysGuard On Demand Portal

Analyze

Vulnerability Mgmt.

Web App Scan

Malware Detection

SSL Labs

Zero days analyzer

Monitor

Web Application Logs

Botnet Detection*

Comply

Policy Compliance

PCI Compliance

Qualys Seal

SCAP / FDCC

Compliance Mgmt*

Prevent

Web App. Firewall*

QualysGuard Suite of Security & Compliance Applications


Powerful ability to manage, search and tag assets

− Organizing ICT Assets using Tags

- Static and Dynamic asset tagging

- Hierarchical asset tagging

− Uses existing VM scan data

− Integrated with existing QG apps.

Asset Tagging/Searching/Reporting based on

- platforms, applications, services

- IT responsibility

- Based on locality

- Based on Business Processes

Qualys Asset Management (patent pending)


Qualys Vulnerability Management

12 years on market

Market leader since 2008: Gartner, IDC, Forrester, Frost & Sullivan

SC Magazine best Vulnerability Mgt solution 6 years in a row

Full VM Cycle

• Free and unlimited network discovery

• Discover, group, & prioritize network assets

• Identify vulnerabilities, exploits, malware, patches, & unsupported technologies

• Prioritize, execute & audit remediation

• Automate reporting, trending, & alerting

13,000+ signatures covering 55K+ vulnerabilities, updated daily

QG Vulnerability Management Module User Interface – Vulnerability Knowledge Base

QG Vulnerability Management Module User Interface – Vulnerability Description

Exploits Knowledgebase

Information added for Exploits

Following resources used:

− Exploit-DB

− Metasploit

− Core Security

− Immunity

− Others…

Helpful in the Remediation process

Comprehensive CVSS v2 scores

Assets at risk of Exploits Report

Malware Knowledgebase

Information added for Malware Code Availability

Following resources used:

Trend Micro Malware Knowledgebase

Other malware resources coming…

Helpful in the Remediation process

Assets at risk of Malware Report

3 Solution categories

Solution description categories:

Vendor Patch available

Workaround available

Virtual Patch available: Trend Micro Deep Inspection signatures

Other resources coming…

Helpful in the Remediation process

Virtually Patchable Assets Report

Qualys Web Application Scanning

Vulnerability Scanning inside Web Apps:

• Authenticated Scanning

• OWASP TOP 10 support

• Web services Discovery

• Web services Catalog

• Certificate auth. support

• Selenium auth. Support

• Java, Ajax, Flash support

Qualys Malware Detection for Web Apps

Malware Detection inside Web App source code:

• Static signature Analysis

• Behavioral Analysis

• Dashboard and centralized reporting

• Sharing WAS module settings and Web Apps authentication

Qualys SECURE Seal for Web Apps

Web Site Certification

• Daily WAS Malware Scanning

• Weekly IP vulnerability

• Weekly WAS vulnerability

• Weekly SSL Protocol Audit

• Email notification

• Daily updated SECURE Seal applet for your web site

http://www.qualys.com/zero-day

Zero-Day Analyzer for VM GA – April in Europe


Zero-Day Analyzer for VM

Allows customers to analyze zero-day threats and estimate their impact on their assets and critical systems based on information collected from previous scan results.

Benefits

Latest signatures for iDefense exclusive zero-day threats

Customizable alerting and email notifications

Actionable data with estimates about what systems are at risk

Audit the state of browser security in the enterprise

• Simple & Scalable

• Multiple platform & browsers

• Multiple Browser Plugins

• Centralized Reporting

• No SW/HW to install!

Free BrowserCheck Business Edition

Register here: http://www.qualys.com/forms/browsercheck-business-edition/

QualysGuard scanning progress

Number of vulnerability and compliance scans per quarter

Qualys reached +500 million scans in 2010

Qualys reached +600 million scans in 2011

+700 million in 2012?

Qualys Scanning Quality Metrics: Six Sigma Scanning Accuracy

[Chart: Qualys Six Sigma Accuracy and scanning activity. Axes: QG Scan Accuracy (%) and Number of Scans. Series: Scanned IPs (M), Reported Cases, Actual Bugs.]

Six Sigma Accuracy = fewer than 4 defects for each 1 million IPs scanned!

The 4 defects (bugs) cover: false negatives, false positives, service crashes and host crashes reported to Qualys Support

Quality Metrics: Customer Contact Ratio

[Chart: Customer Contact Ratio*, Number of Calls per Month, December 2010 to January 2012. Series: QG-Enterprise, QG-Express, QG-PCI.]

* Number of phone calls and e-mails per customer/month

Thank You mskalicky@qualys.com
