0
Introducing the QualysGuard
Security and Compliance Suite
RoadMap 2010 - …
Marek Skalicky
Regional Account Manager for
Cen...
QG Vulnerability Management Module
QG VM Update 6.8                                    Jan2010

 New QID 70053 “Windows Authentication Method
 for User-Provi...
QG VM Update 6.10                               May2010

New Vulnerability Discovery method marks:
Remote only / Authentic...
QualysGuard VM 6.11                                H2-2010

 New Microsoft Patch report with superseded information
QG Policy Compliance Module
QG PC Update 6.8                                   Jan2010
 Provide human readable mapping of file/registry permissions i...
QG PC Update 6.10 – Custom SSH Ports

Unix Authentication Record(s)
  – Well Known Ports (22, 23, 513)
  – Custom Ports
QG PC Update 6.10 – Custom SSH Ports

 New Ports Section
 Standard Scan (~1900 Ports)
        Standard VM Ports
        ...
QG PC Update 6.10 – Oracle OS Checks
Windows Parameters
  – Oracle Home Name
  – Oracle Home Path
  – Init.ora
  – Spfile....
QG PC Update 6.10 - Control Creation Date

 Controls Listing
   – Created column
QG 6.10 PC – File Integrity

 Enable File Integrity
  – Options Profile
QG 6.10 PC – File Integrity
 User Defined Control
  – Windows
  – Unix
 Scan Parameters
  – File/Directory Path
  – Hash...
QG 6.10 PC – File Integrity
 Reports
  – Scan Parameters
  – Extended Evidence
QG 6.10 PC – User Defined Controls
 New User Defined Controls
  – Windows
       Windows 7
  – Unix
       AIX 6.x
    ...
QG 6.10 PC – Multiple Oracle SIDs
 Policy Compliance Only
 Authentication Record
  – Enable for PC Only
 Reports
  – Te...
QG 6.10 PC – Asset Group Filtering

 Policy Report
  – Filter By Asset Group
       All: Display Trend
       By Asset ...
QG PCI Compliance Module
QualysGuard PCI 4.0
Discovery Scan
 Provides merchants with the ability to discover live devices and help
  them identify...
QualysGuard PCI 4.0
PCI Connect
 New platform to connect customers with relevant technology providers
    directly from t...
QualysGuard PCI 4.0
Import Evidence Capability
 Users can now upload and attach evidence to support SAQ validation
  in m...
QG WAS Module
QG WAS Update 6.7            Nov2009
Multi-Site Scanning
support for web
applications

 ... licensing benefit for
  scann...
QG WAS Update 6.8                                                        Jan2010
Password Brute Forcing of web application...
QG WAS Update 6.8           Jan2010
Authentication Form Fields
manual configuration

 ... automatic Form-based
  authenti...
QG Malware Detection Service
Introducing
QualysGuard Malware Detection
  New FREE Malware Detection Service
    - Daily scans that provide immediate i...
QualysGuard Malware Detection
 Static and Behavioral Detection
Two-pronged approach for detecting malware:
   - Static Ana...
QualysGuard Malware Detection
Identification of Malicious Code
QualysGuard Malware Detection
Pricing and Availability
• Pricing
    FREE for ALL (up to 10 domains per user account)


•...
QG Secure GO Service
Introducing
Qualys GO SECURE Service and SECURE Seal
Qualys GO SECURE Service and Seal
Types of Scans
① Malware Detection (Daily)
    – Detects malicious software that could b...
Qualys GO SECURE Service and Seal
Review and Remediation of Malware & Vulns
Qualys GO SECURE Service and Seal
Qualys SECURE Seal – How It Works?
 Merchant adds SECURE seal code to
  their web site ...
Q&A




       Thank you

      mskalicky@qualys.com
Upcoming SlideShare
Loading in...5
×

Novinky QualysGuard 2010

971

Published on

Novinky QualysGuard 2010

Published in: Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
971
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Novinky QualysGuard 2010"

  1. 1. Introducing the QualysGuard Security and Compliance Suite RoadMap 2010 - … Marek Skalicky Regional Account Manager for Central & Adriatic Eastern Europe Qualys GmbH, Munich office May 2010
  2. 2. QG Vulnerability Management Module
  3. 3. QG VM Update 6.8 Jan2010 New QID 70053 “Windows Authentication Method for User-Provided Credentials” – Windows authentication was performed with user- provided credentials. The Results section includes a list of authentication credentials used.
  4. 4. QG VM Update 6.10 May2010 New Vulnerability Discovery method marks: Remote only / Authenticated only / Remote and Authenticated
  5. 5. QualysGuard VM 6.11 H2-2010  New Microsoft Patch report with superseded information
  6. 6. QG Policy Compliance Module
  7. 7. QG PC Update 6.8 Jan2010  Provide human readable mapping of file/registry permissions in compliance reports  In the policies  In the reports
  8. 8. QG PC Update 6.10 – Custom SSH Ports Unix Authentication Record(s) – Well Known Ports (22, 23, 513) – Custom Ports
  9. 9. QG PC Update 6.10 – Custom SSH Ports New Ports Section Standard Scan (~1900 Ports)  Standard VM Ports  Custom SSH Ports  Default Setting for existing Option Profiles Targeted Scan  Authentication Record Ports  Custom SSH Ports  Default Setting for new Option Profiles
  10. 10. QG PC Update 6.10 – Oracle OS Checks Windows Parameters – Oracle Home Name – Oracle Home Path – Init.ora – Spfile.ora – Listener.ora – Sqlnet.ora – Tnsnames.ora Unix Parameters – Oracle Home Path – Init.ora – Spfile.ora – Listener.ora – Sqlnet.ora – Tnsnames.ora
  11. 11. QG PC Update 6.10 - Control Creation Date Controls Listing – Created column
  12. 12. QG 6.10 PC – File Integrity  Enable File Integrity – Options Profile
  13. 13. QG 6.10 PC – File Integrity  User Defined Control – Windows – Unix  Scan Parameters – File/Directory Path – Hash Type  MD5  SHA-1  SHA-256
  14. 14. QG 6.10 PC – File Integrity  Reports – Scan Parameters – Extended Evidence
  15. 15. QG 6.10 PC – User Defined Controls  New User Defined Controls – Windows  Windows 7 – Unix  AIX 6.x  CentOS 4.x/5.x  Debian GNU/Linux 5.x  HPUX 11i.v3  Mac OS X 10.x  openSUSE 10.x/11.x  Oracle Enterprise Linux 4/5  SUSE Enterprise Linux 11.x  Ubuntu 8.x/9.x  VMWare ESX 3.x/4.x
  16. 16. QG 6.10 PC – Multiple Oracle SIDs  Policy Compliance Only  Authentication Record – Enable for PC Only  Reports – Technology:SID:Port added:  Template Reports  Interactive Reports
  17. 17. QG 6.10 PC – Asset Group Filtering  Policy Report – Filter By Asset Group  All: Display Trend  By Asset Group: No Trend
  18. 18. QG PCI Compliance Module
  19. 19. QualysGuard PCI 4.0 Discovery Scan  Provides merchants with the ability to discover live devices and help them identify systems that are in scope for PCI.  Simple 1-click workflow to add new live devices to accounts.
  20. 20. QualysGuard PCI 4.0 PCI Connect  New platform to connect customers with relevant technology providers directly from the SAQ.  Extend compliance data collection beyond scanning.  Ability to consolidate compliance data from various security solutions
  21. 21. QualysGuard PCI 4.0 Import Evidence Capability  Users can now upload and attach evidence to support SAQ validation in multiple formats including PDF, ZIP, DOC and images  Same evidence file can be attached to multiple questionnaires' and requirements
  22. 22. QG WAS Module
  23. 23. QG WAS Update 6.7 Nov2009 Multi-Site Scanning support for web applications  ... licensing benefit for scanning large applications with same user-access context ...
  24. 24. QG WAS Update 6.8 Jan2010 Password Brute Forcing of web applications users  Require QID 150049 - Login Brute Force Vulnerability  Email addresses collected by QID 150054 is used as username  Warning : if there is a lockout policy, there is a risk to lock accounts
  25. 25. QG WAS Update 6.8 Jan2010 Authentication Form Fields manual configuration  ... automatic Form-based authentication doesn’t always automatically authenticate...  …now you can customize multiple Form fields for authentication
  26. 26. QG Malware Detection Service
  27. 27. Introducing QualysGuard Malware Detection  New FREE Malware Detection Service - Daily scans that provide immediate insight into malware issues - Automated alerts - Identifying vulnerable code snippets for quick and easy removal of malware
  28. 28. QualysGuard Malware Detection Static and Behavioral Detection Two-pronged approach for detecting malware: - Static Analysis – using a “signature-based” approach, the service identifies potential source code that is typically used in malicious attacks. - Behavioral Analysis – the service visits the web site with a vulnerable browser and operating system and runs tests to determine if the web site behaves outside of normal operating guidelines.
  29. 29. QualysGuard Malware Detection Identification of Malicious Code
  30. 30. QualysGuard Malware Detection Pricing and Availability • Pricing  FREE for ALL (up to 10 domains per user account) • Availability  Available today in Beta: http://www.qualys.com/STOPMALWARE
  31. 31. QG Secure GO Service
  32. 32. Introducing Qualys GO SECURE Service and SECURE Seal
  33. 33. Qualys GO SECURE Service and Seal Types of Scans ① Malware Detection (Daily) – Detects malicious software that could be hosted by the web site and infect visitors ② Perimeter Scanning (Weekly) – Identifies externally facing vulnerabilities of the web server that could give attackers access to information stored on the host ③ Web Application Scanning (Weekly) – Crawls and injects HTTP requests to the web application to identify vulnerabilities such as SQL injection and Cross-Site Scripting (XSS) ④ SSL Certificate Validation (Weekly) – Verifies the web site is using an up-to-date SSL certificate from a trusted certificate authority (CA) for encryption of sensitive information during online transactions
  34. 34. Qualys GO SECURE Service and Seal Review and Remediation of Malware & Vulns
  35. 35. Qualys GO SECURE Service and Seal Qualys SECURE Seal – How It Works?  Merchant adds SECURE seal code to their web site to display seal to visitors  Remediation and Removal – Merchant schedules the scans to run automatically on web site on a recurring basis (daily for malware, weekly for vulns and SSL cert validation) - Merchant is notified once malware or vulnerabilities are identified, or SSL cert no longer valid  Merchant resolves the malware/vulnerabilities found to continually show the seal to customers - Seal is removed within 72 hrs if malware or a critical vulnerability is identified - Merchant can fix and rescan to revalidate the seal at any time
  36. 36. Q&A Thank you mskalicky@qualys.com
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×