New e-book: Establishing a proactive defense with Microsoft Security Exposure Management

Effective exposure management begins by illuminating and hardening risks across the entire attack surface. Some of the most meaningful shifts in security happen quietly—when teams take a clear look at their exposure landscape and acknowledge the gap between where they stand today and where they...

Beyond CVSS: Critical CVE Vulnerabilities Analysis

Attackers don't care about your CVSS scores. They care about finding a path into your network. That path might not be a single, glaring "critical" vulnerability. Often, it’s a chain of lower-severity weaknesses on overlooked assets that, when combined, give them the keys to the kingdom. This is w...

Three Recommendations for Creating a Risk-Based Detection and Response Program

It should come as little surprise to most security professionals that keeping pace with the evolution of threat actors has become harder and harder. Maintaining visibility into the threat landscape and on top of external risk vectors is more than a matter of incorporating more point solutions. It...

PCI DSS 4.0: Get Audit-Ready for the New Requirements

The Payment Card Industry Data Security Standard PCI DSS originated in 2004 and is managed by the PCI Security Standards Council to ensure security for the global payment industry. This mandate applies to all entities worldwide that store, process, or transmit payment cardholder data or sensitive...

De-risk the Software Supply Chain by Expanding Unparalleled Detection Coverage With Qualys VMDR and Software Composition Analysis

QIDs/CVEs When it comes to cybersecurity, speed is key in getting an edge over attackers. But when you consider that vulnerabilities weaponize 24 days faster than then they are remediated on average, cybersecurity stakeholders have a lot of catching up to do. While there are many ways defenders c...

Embracing a risk-based cybersecurity approach with ASRM

Explore how a risk-based cybersecurity approach is critical to proactively stop dynamic, ever-evolving threats...

De-risking in Practice: How Qualys Customers are Driving Value in Their Organizations

As the threat landscape continues to grow in complexity, it has become more important than ever for the modern enterprise to measure, communicate, and eliminate cyber risk with efficiency. What does that mean in practice? Over the last two days, during the 2023 Qualys Security Conference QSC taki...

Security Patch Management Strengthens Ransomware Defense

With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management...

Implementing Risk-Based Vulnerability Discovery and Remediation

In this day and age, vulnerabilities in software and systems pose a considerable danger to businesses, which is why it is essential to have an efficient vulnerability management program in place. To stay one step ahead of possible breaches and reduce the damage they may cause, it is crucial to...

Security Patch Management Strengthens Ransomware Defense

With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management...

Security Patch Management Strengthens Ransomware Defense

With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management...

3 Ways to Apply a Risk-Based Approach to Threat Detection, Investigation, and Response: Gartner® Report

In an ongoing effort to help security organizations gain greater visibility into risk, we’re pleased to offer this complimentary Gartner® report, 3 Ways to Apply a Risk-Based Approach to Threat Detection, Investigation, and Response. This insightful research can help a security organization reali...

Patch Where it Hurts: Effective Vulnerability Management in 2023

A recently published Security Navigator report data shows that businesses are still taking 215 days to patch a reported vulnerability. Even for critical vulnerabilities, it generally takes more than 6 months to patch. Good vulnerability management is not about being fast enough in patching all...

Why Organizations Struggle with Patch Management (and What to Do about It)

The cybersecurity attack surface continues to grow exponentially. Modern technologies are being deployed on-premises and in the cloud as part of digital transformation journeys. Meanwhile, the current practice of identifying, classifying, prioritizing, and remediating vulnerabilities has become...

Taking the Risk-Based Approach to Vulnerability Patching

Software vulnerabilities are a major threat to organizations today. The cost of these threats is significant, both financially and in terms of reputation. Vulnerability management and patching can easily get out of hand when the number of vulnerabilities in your organization is in the hundreds of...

WordPress Bugs Exploded in 2021, Most Exploitable

Last year brought forth much more than a Ben Affleck-Jennifer Lopez reunion – analysts found the number of exploitable WordPress plugin vulnerabilities exploded. Researchers from RiskBased Security reported they found the number of WordPress Plugin vulnerabilities rose by triple digits in 2021...

6 ways cybersecurity teams can save time and money

The phrase “time is money”, originally attributed to Benjamin Franklin, reprimands the slothful for wasting their working hours. As one of the founding fathers of the United States, Benjamin Franklin clearly never worked a day in cybersecurity. This is an area where fresh blood is hard to find to...

Building an Open Cloud Platform

Qualys Chairman and CEO Philippe Courtot kicked off Qualys Security Conference with an assessment of current security challenges and a clear call to action on how to successfully overcome them. “Today security is front and center, and as we move to the cloud, we must rethink security,” Courtot sa...

Building an Open Cloud Platform

Qualys Chairman and CEO Philippe Courtot kicked off QSC USA 2020, the company’s 20th annual user conference, with an assessment of current security challenges, and a clear call to action on how to successfully overcome them. “Today security is front and center, and as we move to the cloud, we mus...

Adopting a Risk-Based Approach to Cybersecurity in the Financial Services Industry

Today’s financial organizations face many different risks in volatile and uncertain business environments, but the ever-present threat of cyberattacks and data breaches is now impossible to ignore. For this reason, managing these cyber-risks now has to simply be considered one of the many costs o...