FFIEC News

New Qualys Security and Compliance Suite Provides Reporting Metrics for Enterprise Stakeholders

(Aprl 22, 2008)-- Qualys announced QualysGuard 6.0, an upgrade to its flagship solution for vulnerability and compliance management. QualysGuard 6.0 enables security managers, as well as key organisation executives, including business line managers, members of the board and auditors, to get an on demand view of IT security and compliance within the enterprise. QualysGuard 6.0 offers new metrics reporting supported by scorecards and secure, collaborative report distribution workflows which help operations and IT staff to be efficient and communicate effectively with auditors and executive management.

QualysGuard 6.0 is an integral component of the QualysGuard Security and Compliance Suite also being demonstrated at the Infosecurity Europe tradeshow for the first time in Europe. The QualysGuard Software-as-a-Service (SaaS) suite helps organisations worldwide manage the ongoing convergence of security and policy compliance efforts.

Commenting on this latest breakthrough, John Meakin, Group Head of Information Security for Standard Chartered Bank said:

“Accurate measurement is essential for effective security management. This latest innovation from Qualys is a major leap forward towards achieving fully integrated vulnerability and compliance management across our widely distributed network. One of our greatest challenges is gathering results globally and then building them into meaningful reports, presenting to senior management the progress made in remediation and to our auditors, the state of compliance across our enterprise. QualysGuard 6.0 gives us the ability to produce metrics reports on demand and distribute them securely between IT, audit staff and key business executives. On the business level, this helps elevate the issue of security into the boardroom. On a practical level, it promotes a more robust and cost-effective security strategy.

As a SaaS offering, QualysGuard 6.0 requires no infrastructure to maintain or manage. Therefore, customers can immediately take advantage of the new features of the QualysGuard platform without having to install any new software. QualysGuard 6.0 features include:

– New “Scorecard” Reporting Feature: QualysGuard 6.0 introduces a new fully customizable report type, the scorecards, offering on demand reporting of the most vulnerable hosts, most prevalent vulnerabilities, required software (patches and agents), asset group vulnerabilities, and ignored vulnerabilities. These scorecards can be crafted to create a view of vulnerability and missing patches information across a business unit or the entire network.

– Collaborative Report Distribution: QualysGuard 6.0 offers IT Managers and Business Unit Managers the ability to create custom reports and share them securely with other users within the application regardless of the users’ access privileges. This is most valuable in support of sharing scorecards and other comparison reports across the security and audit teams.

– New Secure Distribution of Reports: QualysGuard 6.0 supports the ability to securely and automatically distribute encrypted PDF reports to parties outside of the subscription via email in support of executives or business line owners that need reports but do not have user accounts in QualysGuard.

“As we have seen with CRM software, the Software-as-a-Service delivery model allows for broader usage as it allows users to access information from anywhere at anytime,” said Philippe Courtot, CEO and Chairman of Qualys. “This is specifically important with security applications as security issues are a concern of many stakeholders who all need to be involved and receive the security information according to their focus.”

Share or bookmarklet this web page at: