0
QualysGuard Suite 7.0Updates and New features                  Marek Skalicky, CISM, CRISC Regional Account Manager for Ce...
QualysGuard® SaaS Applications        Enterprise                           SMB                 Freemium Services          ...
QualysGuard Architecture Updates Security Operations Center (SOC)                     Private Clouds (PC)        Future SO...
QualysGuard GlobalInfrastructureVirtual vScanner and Virtual Private SOC                                                  ...
Private Cloud - @Customer HW SOCQualys Supplied Hardware installed at customers premises                   Front Office UI...
Private Cloud – Virtual SOC (Q2 2012)    Customer Supplied Hardware Virtualization platform     Front Office UI         Ba...
New QualysGuard Virtual ScannerRunning on Virtualized platforms including laptopsSupported Virtual Platforms:•   Oracle Vi...
Password Vaults IntegrationPassword Vaults Integration  For GQ authenticated scanning  Local encrypted credentials stora...
VeriSign VIP Two-factor Authentication1) Download free SW Token                          2) Edit user settings in QGhttps:...
QualysGuard Web 2.0 UIDynamic and Role Based UI    Common User Experience Across all Applications      − Interactive Dashb...
QualysGuard Suite of Security& Compliance Applications                11
QualysGuard Suite of SaaS Services                              AUTOMATE - Asset Management (ICT Asset Discovery, Tagging ...
Qualys Asset Management(patent pending)Powerful ability to manage,search and tag assets− Organizing ICT Assets using Tags-...
Qualys Asset ManagementHost tagging & Web application tagging                            CONFIDENTIAL | 14
Qualys Asset ManagementReports by tags & User permissions by tags                             CONFIDENTIAL | 15
QualysGuard Suite of SaaS Services                              AUTOMATE - Asset Management (ICT Asset Discovery, Tagging ...
Qualys Vulnerability ManagementNew UI and Asset TaggingMarket leader since 2008    Gartner, IDC, Forrester, Frost & Sulliv...
Zero-Day Analyzer for VMGA – April in EuropeZero-Day Analyzer for VM  Allows customers to analyze zero-day threats  and es...
QualysGuard Suite of SaaS Services                              AUTOMATE - Asset Management (ICT Asset Discovery, Tagging ...
Qualys Policy Compliance ManagementNew UI and Asset TaggingNew Consultant customs ReportsGolden Image Policy2300+ controls...
Customizable Questionnaires for PCBeta availableCustom Questionnaires  Enables customers to easily build  questionnaires u...
Free Premium Services and Qualys Open-Source research activities “QualysGuard Freemium Suite”             CONFIDENTIAL | 22
New Qualys FreeScan for Web Sites5 External Scans for yourPerimeter and Web site:•   IP Vulnerability Scan•   Web Applicat...
Free BrowserCheck Business EditionAudit state of browserssecurity in the enterprise•   Simple & Scalable•   Multiple platf...
Free SSL Lab Audit ServiceAudit implementation ofSSL protocol on you Web•   Certificate Validity and Trust•   SSL Protocol...
Qualys Global CommunityJoin us at https://community.qualys.com                                                            ...
CSO Interchange EventsComing to a City Near You            http://www.csointerchange.org                           27
Qualys Security Conferences ‘12Las Vegas, Munich, London and Paris            http://www.qualys.com/qsc                   ...
Thank You mskalicky@qualys.com
Upcoming SlideShare
Loading in...5
×

QualysGuard InfoDay 2012 - QualysGuard Suite 7.0

916

Published on

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
916
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "QualysGuard InfoDay 2012 - QualysGuard Suite 7.0"

  1. 1. QualysGuard Suite 7.0Updates and New features Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe
  2. 2. QualysGuard® SaaS Applications Enterprise SMB Freemium Services QualysGuard On Demand Portal Analyze Comply Monitor Prevent Vulnerability Mgmt. Policy Compliance Web Application Logs Web App. Firewall* Web App Scan PCI Compliance Botnet Detection* Malware Detection Qualys Seal SSL Labs SCAP / FDCC Zero days analyzer Compliance Mgmt* QualysGuard SaaS Technology Platform Scanners & Collectors Open APIs, Web Services & Integrations
  3. 3. QualysGuard Architecture Updates Security Operations Center (SOC) Private Clouds (PC) Future SOC and PC EU SOC PC PC PC EU SOC US SOC PC PC PC US SOC PC PC PC PC SOC PC PC New Backup SOCs in US and EU
  4. 4. QualysGuard GlobalInfrastructureVirtual vScanner and Virtual Private SOC QualysGuard SW Virtual Scanner QualysGuard SW Virtual Private SOC World’s Largest global Vulnerability Management deployment at Daimler - 293 scanner appliances scanning over a million IPs in 80 locations Performing 600+ Million IP scan and maps per year 4
  5. 5. Private Cloud - @Customer HW SOCQualys Supplied Hardware installed at customers premises Front Office UI Back Office UI QualysGuard API Virtualized Web Distribution Reporting JobD Bus • vmware and Application Layer Monitoring Logging • DB Audit Vault • Virtual Private DB Database Layer Reports Core Portal Platform • Redundant and Secure Network Core • High Availability • Redundant Service Infrastructure Infrastructure • Secure Network • Redundant Database Infrastructure Layer
  6. 6. Private Cloud – Virtual SOC (Q2 2012) Customer Supplied Hardware Virtualization platform Front Office UI Back Office UI QualysGuard API • vmware Virtualized Web and Distribution Reporting JobD Bus Application Layer Monitoring Logging • DB Audit Vault Virtualized • Virtual Private DB Database Layer Reports Core Portal Infrastructure Layer Customer Infrastructure
  7. 7. New QualysGuard Virtual ScannerRunning on Virtualized platforms including laptopsSupported Virtual Platforms:• Oracle Virtual Box (Open Source)• VMware ESXi, ESX, Workstation, Player, Fusion, vCenter, vSphere• Microsoft Hyper-V (Coming soon)• Citrix XenServer 6.0 (Coming soon)RESOURCES - MINIMUM• 1 x vCPU core• 1 GB RAM• 1 x 40GB virtual HDDRESOURCES - RECOMMENDED• 2 x vCPU cores• 4 GB RAM• 1 x 40GB virtual HDD CONFIDENTIAL | 7
  8. 8. Password Vaults IntegrationPassword Vaults Integration  For GQ authenticated scanning  Local encrypted credentials storageVery easy to implement  1 day project including C-A implementation  References: Rabobank, Discover, CNBPassword Vaults Technologies  Cyber-Ark PIM Suite  Thycotic Secret Server  … others coming soon
  9. 9. VeriSign VIP Two-factor Authentication1) Download free SW Token 2) Edit user settings in QGhttps://vipmobile.verisign.com/supportedphones.v3) Login with VeriSign VIP
  10. 10. QualysGuard Web 2.0 UIDynamic and Role Based UI Common User Experience Across all Applications − Interactive Dashboards − Context-based UI − Powerful Workflows − Actionable Menus & Filters 10
  11. 11. QualysGuard Suite of Security& Compliance Applications 11
  12. 12. QualysGuard Suite of SaaS Services AUTOMATE - Asset Management (ICT Asset Discovery, Tagging and Prioritization) - Risk Management (ICT Vulnerability Analyses, Remediation, Verification) - Compliance Management (ICT Configuration Standards and Audits) … by SaaS Service on your request, demand, price and scope! CONFIDENTIAL | 12
  13. 13. Qualys Asset Management(patent pending)Powerful ability to manage,search and tag assets− Organizing ICT Assets using Tags- Static and Dynamic asset tagging- Hierarchical asset tagging− Uses existing VM scan data− Integrated with existing QG apps.Asset Tagging/Searching/Reportingbased on- platforms, applications, services- IT responsibility- Based on locality- Based on Business Processes CONFIDENTIAL | 13
  14. 14. Qualys Asset ManagementHost tagging & Web application tagging CONFIDENTIAL | 14
  15. 15. Qualys Asset ManagementReports by tags & User permissions by tags CONFIDENTIAL | 15
  16. 16. QualysGuard Suite of SaaS Services AUTOMATE - Asset Management (ICT Asset Discovery, Tagging and Prioritization) - Risk Management (ICT Vulnerability Analyses, Remediation, Verification) - Compliance Management (ICT Configuration Standards and Audits) … by SaaS Service on your request, demand, price and scope! CONFIDENTIAL | 16
  17. 17. Qualys Vulnerability ManagementNew UI and Asset TaggingMarket leader since 2008 Gartner, IDC, Forrester, Frost & Sullivan SC Magazine best Vulnerability Mgt solution 6 years in a rowFull VM Cycle• Free and unlimited network discovery• Discover, group, & prioritize network assets• Identify vulnerabilities, exploits, malware, patches, & unsupported technologies• Prioritize, execute & audit remediation• Automate reporting, trending, & alerting13,000+ signatures covering 55K+ vulnerabilities, updated daily
  18. 18. Zero-Day Analyzer for VMGA – April in EuropeZero-Day Analyzer for VM Allows customers to analyze zero-day threats and estimate their impact on their assets and critical systems based on information collected from previous scan results.Benefits Latest signatures for iDefense exclusive zero- day threats Customizable alerting and email notifications Actionable data with estimates about what systems are at risk http://www.qualys.com/zero-day 18
  19. 19. QualysGuard Suite of SaaS Services AUTOMATE - Asset Management (ICT Asset Discovery, Tagging and Prioritization) - Risk Management (ICT Vulnerability Analyses, Remediation, Verification) - Compliance Management (ICT Configuration Standards and Audits) … by SaaS Service on your request, demand, price and scope! CONFIDENTIAL | 19
  20. 20. Qualys Policy Compliance ManagementNew UI and Asset TaggingNew Consultant customs ReportsGolden Image Policy2300+ controls over 50 platformsUser controls for Win/Unix
  21. 21. Customizable Questionnaires for PCBeta availableCustom Questionnaires Enables customers to easily build questionnaires using the Unified Compliance Framework (UCF), as well as leverage existing business process workflows to evaluate controls, gather documents and evidence and validate compliance.Benefits Automation of manual assessments Ability to define/customize audit work flow Industry leading policy repository of nearly 1000 standards and regulations via UCF http://www.qualys.com/forms/questionnaires/ 21
  22. 22. Free Premium Services and Qualys Open-Source research activities “QualysGuard Freemium Suite” CONFIDENTIAL | 22
  23. 23. New Qualys FreeScan for Web Sites5 External Scans for yourPerimeter and Web site:• IP Vulnerability Scan• Web Application Vulnerability• Web Application Malware scan• Full Reporting functionality Register here: http://www.qualys.com/forms/freescan/
  24. 24. Free BrowserCheck Business EditionAudit state of browserssecurity in the enterprise• Simple & Scalable• Multiple platform & browsers• Multiple Browser Plugins• Centralized Reporting• No SW/HW to install! Register here: http://www.qualys.com/forms/browsercheck- business-edition/
  25. 25. Free SSL Lab Audit ServiceAudit implementation ofSSL protocol on you Web• Certificate Validity and Trust• SSL Protocol version support• Encryption Cipher Strength• Encryption Key Exchange• SOLUTION description• Risk of Attack description Register here: http://www.ssllabs.com
  26. 26. Qualys Global CommunityJoin us at https://community.qualys.com Total Members 4500 4000 3500 3000 2500 2000 1500 1000 500 0 24.7 24.8 24.9 24.1 24.2 24.3 24.4 24.5 24.6 24.7 24.8 24.9 24.10 24.11 24.12 24.10 24.11 24.12 26
  27. 27. CSO Interchange EventsComing to a City Near You http://www.csointerchange.org 27
  28. 28. Qualys Security Conferences ‘12Las Vegas, Munich, London and Paris http://www.qualys.com/qsc 28
  29. 29. Thank You mskalicky@qualys.com
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×