Introducing the Wallarm AI Control Platform: One closed loop for AI security and API security.

TL;DR - AI deployment has outpaced AI governance. Most enterprises running AI on AWS cannot answer four basic security questions about what's running, what it's doing,how to stop it, and how to prove it's under control. - The Wallarm AI Control Platform closes this gap: one platform for Discover,...

GRC-demo-poc-oscal

GRC-OSCAL — continuous compliance, demonstrated A working pro...

Qualys Named a Leader and Outperformer in the 2025 GigaOm Radar for CNAPP

We’re proud to share that Qualys has been recognized as a Leader and Outperformer in the 2025 GigaOm Radar Report for Cloud-Native Application Protection Platforms CNAPP. This year’s evaluation underscores an important reality of the CNAPP market: while 18 vendors were evaluated , only a small...

CVE-2025-14591

In Delphix Continuous Compliance version 2025.3.0 and later, following a recent bug fix to correctly handle CR+LF Windows and DOS End-of-Record EOR characters in delimited files, an issue was identified: using an incorrect EOR configuration can cause inaccurate parsing and leave personally...

CVE-2025-14591

In Delphix Continuous Compliance version 2025.3.0 and later, following a recent bug fix to correctly handle CR+LF Windows and DOS End-of-Record EOR characters in delimited files, an issue was identified: using an incorrect EOR configuration can cause inaccurate parsing and leave personally...

PT-2025-52541

Name of the Vulnerable Software and Affected Versions Delphix Continuous Compliance versions 2025.3.0 and above Description An issue exists due to incorrect handling of End-of-Record EOR characters in delimited files. Specifically, an incorrect EOR configuration can lead to inaccurate parsing,...

Your Guide to PCI DSS 4.0.1 Web Application and API Controls with a Simplified Path to Compliance

Executive Summary PCI DSS 4.0.1 compliance mandates stricter security controls for web applications and APIs. Key updates include maintaining an inventory of custom software PCI 6.3.2 and managing payment page scripts to prevent skimming attacks PCI 6.4.3. Organizations must also adopt risk-based...

Introducing Qualys Policy Audit, the New Standard for Audit Readiness

Do you know how audit ready you really are? What if you could answer that question with confidence—at any moment, across every system, for every framework that matters to your business? In today’s rapidly shifting regulatory landscape, audits are no longer a periodic event—they’re a continuous...

CVE-2025-3113 Improper Access Control in Delphix Masking Engine

A valid, authenticated user with sufficient privileges and who is aware of Continuous Compliance’s internal database configurations can leverage the application’s built-in Connector functionality to access Continuous Compliance’s internal database. This allows the user to explore the internal...

PT-2025-16941

Name of the Vulnerable Software and Affected Versions Continuous Compliance affected versions not specified Description A valid, authenticated user with sufficient privileges can leverage the application's built-in Connector functionality to access Continuous Compliance's internal database,...

Managing Security Configuration Risk with the Most Comprehensive Configuration Compliance Solution!

Qualys leads the industry with 850 policies, 19000 controls, 350 technologies, and 100 frameworks Remote and hybrid work, digital transformation, and customer experience initiatives require rapid and continuous technology additions and changes. This requires continual additions of and deployments...

Streamlining and Automating Compliance

There are seemingly countless regulatory and industry frameworks out there that organizations have to navigate and comply with. SOX Sarbanes-Oxley, PCI-DSS Payment Card Industry Data Security Standard, GDPR General Data Protection Regulation, HIPAA Health Insurance Portability and Accountability...