• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
QualysGuard InfoDay 2012 - QualysGuard Suite 7.0
 

QualysGuard InfoDay 2012 - QualysGuard Suite 7.0

on

  • 882 views

 

Statistics

Views

Total Views
882
Views on SlideShare
833
Embed Views
49

Actions

Likes
0
Downloads
16
Comments
0

3 Embeds 49

http://www.rac.cz 45
http://www.bcms.cz 3
http://rac-xu 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    QualysGuard InfoDay 2012 - QualysGuard Suite 7.0 QualysGuard InfoDay 2012 - QualysGuard Suite 7.0 Presentation Transcript

    • QualysGuard Suite 7.0Updates and New features Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe
    • QualysGuard® SaaS Applications Enterprise SMB Freemium Services QualysGuard On Demand Portal Analyze Comply Monitor Prevent Vulnerability Mgmt. Policy Compliance Web Application Logs Web App. Firewall* Web App Scan PCI Compliance Botnet Detection* Malware Detection Qualys Seal SSL Labs SCAP / FDCC Zero days analyzer Compliance Mgmt* QualysGuard SaaS Technology Platform Scanners & Collectors Open APIs, Web Services & Integrations
    • QualysGuard Architecture Updates Security Operations Center (SOC) Private Clouds (PC) Future SOC and PC EU SOC PC PC PC EU SOC US SOC PC PC PC US SOC PC PC PC PC SOC PC PC New Backup SOCs in US and EU
    • QualysGuard GlobalInfrastructureVirtual vScanner and Virtual Private SOC QualysGuard SW Virtual Scanner QualysGuard SW Virtual Private SOC World’s Largest global Vulnerability Management deployment at Daimler - 293 scanner appliances scanning over a million IPs in 80 locations Performing 600+ Million IP scan and maps per year 4
    • Private Cloud - @Customer HW SOCQualys Supplied Hardware installed at customers premises Front Office UI Back Office UI QualysGuard API Virtualized Web Distribution Reporting JobD Bus • vmware and Application Layer Monitoring Logging • DB Audit Vault • Virtual Private DB Database Layer Reports Core Portal Platform • Redundant and Secure Network Core • High Availability • Redundant Service Infrastructure Infrastructure • Secure Network • Redundant Database Infrastructure Layer
    • Private Cloud – Virtual SOC (Q2 2012) Customer Supplied Hardware Virtualization platform Front Office UI Back Office UI QualysGuard API • vmware Virtualized Web and Distribution Reporting JobD Bus Application Layer Monitoring Logging • DB Audit Vault Virtualized • Virtual Private DB Database Layer Reports Core Portal Infrastructure Layer Customer Infrastructure
    • New QualysGuard Virtual ScannerRunning on Virtualized platforms including laptopsSupported Virtual Platforms:• Oracle Virtual Box (Open Source)• VMware ESXi, ESX, Workstation, Player, Fusion, vCenter, vSphere• Microsoft Hyper-V (Coming soon)• Citrix XenServer 6.0 (Coming soon)RESOURCES - MINIMUM• 1 x vCPU core• 1 GB RAM• 1 x 40GB virtual HDDRESOURCES - RECOMMENDED• 2 x vCPU cores• 4 GB RAM• 1 x 40GB virtual HDD CONFIDENTIAL | 7
    • Password Vaults IntegrationPassword Vaults Integration  For GQ authenticated scanning  Local encrypted credentials storageVery easy to implement  1 day project including C-A implementation  References: Rabobank, Discover, CNBPassword Vaults Technologies  Cyber-Ark PIM Suite  Thycotic Secret Server  … others coming soon
    • VeriSign VIP Two-factor Authentication1) Download free SW Token 2) Edit user settings in QGhttps://vipmobile.verisign.com/supportedphones.v3) Login with VeriSign VIP
    • QualysGuard Web 2.0 UIDynamic and Role Based UI Common User Experience Across all Applications − Interactive Dashboards − Context-based UI − Powerful Workflows − Actionable Menus & Filters 10
    • QualysGuard Suite of Security& Compliance Applications 11
    • QualysGuard Suite of SaaS Services AUTOMATE - Asset Management (ICT Asset Discovery, Tagging and Prioritization) - Risk Management (ICT Vulnerability Analyses, Remediation, Verification) - Compliance Management (ICT Configuration Standards and Audits) … by SaaS Service on your request, demand, price and scope! CONFIDENTIAL | 12
    • Qualys Asset Management(patent pending)Powerful ability to manage,search and tag assets− Organizing ICT Assets using Tags- Static and Dynamic asset tagging- Hierarchical asset tagging− Uses existing VM scan data− Integrated with existing QG apps.Asset Tagging/Searching/Reportingbased on- platforms, applications, services- IT responsibility- Based on locality- Based on Business Processes CONFIDENTIAL | 13
    • Qualys Asset ManagementHost tagging & Web application tagging CONFIDENTIAL | 14
    • Qualys Asset ManagementReports by tags & User permissions by tags CONFIDENTIAL | 15
    • QualysGuard Suite of SaaS Services AUTOMATE - Asset Management (ICT Asset Discovery, Tagging and Prioritization) - Risk Management (ICT Vulnerability Analyses, Remediation, Verification) - Compliance Management (ICT Configuration Standards and Audits) … by SaaS Service on your request, demand, price and scope! CONFIDENTIAL | 16
    • Qualys Vulnerability ManagementNew UI and Asset TaggingMarket leader since 2008 Gartner, IDC, Forrester, Frost & Sullivan SC Magazine best Vulnerability Mgt solution 6 years in a rowFull VM Cycle• Free and unlimited network discovery• Discover, group, & prioritize network assets• Identify vulnerabilities, exploits, malware, patches, & unsupported technologies• Prioritize, execute & audit remediation• Automate reporting, trending, & alerting13,000+ signatures covering 55K+ vulnerabilities, updated daily
    • Zero-Day Analyzer for VMGA – April in EuropeZero-Day Analyzer for VM Allows customers to analyze zero-day threats and estimate their impact on their assets and critical systems based on information collected from previous scan results.Benefits Latest signatures for iDefense exclusive zero- day threats Customizable alerting and email notifications Actionable data with estimates about what systems are at risk http://www.qualys.com/zero-day 18
    • QualysGuard Suite of SaaS Services AUTOMATE - Asset Management (ICT Asset Discovery, Tagging and Prioritization) - Risk Management (ICT Vulnerability Analyses, Remediation, Verification) - Compliance Management (ICT Configuration Standards and Audits) … by SaaS Service on your request, demand, price and scope! CONFIDENTIAL | 19
    • Qualys Policy Compliance ManagementNew UI and Asset TaggingNew Consultant customs ReportsGolden Image Policy2300+ controls over 50 platformsUser controls for Win/Unix
    • Customizable Questionnaires for PCBeta availableCustom Questionnaires Enables customers to easily build questionnaires using the Unified Compliance Framework (UCF), as well as leverage existing business process workflows to evaluate controls, gather documents and evidence and validate compliance.Benefits Automation of manual assessments Ability to define/customize audit work flow Industry leading policy repository of nearly 1000 standards and regulations via UCF http://www.qualys.com/forms/questionnaires/ 21
    • Free Premium Services and Qualys Open-Source research activities “QualysGuard Freemium Suite” CONFIDENTIAL | 22
    • New Qualys FreeScan for Web Sites5 External Scans for yourPerimeter and Web site:• IP Vulnerability Scan• Web Application Vulnerability• Web Application Malware scan• Full Reporting functionality Register here: http://www.qualys.com/forms/freescan/
    • Free BrowserCheck Business EditionAudit state of browserssecurity in the enterprise• Simple & Scalable• Multiple platform & browsers• Multiple Browser Plugins• Centralized Reporting• No SW/HW to install! Register here: http://www.qualys.com/forms/browsercheck- business-edition/
    • Free SSL Lab Audit ServiceAudit implementation ofSSL protocol on you Web• Certificate Validity and Trust• SSL Protocol version support• Encryption Cipher Strength• Encryption Key Exchange• SOLUTION description• Risk of Attack description Register here: http://www.ssllabs.com
    • Qualys Global CommunityJoin us at https://community.qualys.com Total Members 4500 4000 3500 3000 2500 2000 1500 1000 500 0 24.7 24.8 24.9 24.1 24.2 24.3 24.4 24.5 24.6 24.7 24.8 24.9 24.10 24.11 24.12 24.10 24.11 24.12 26
    • CSO Interchange EventsComing to a City Near You http://www.csointerchange.org 27
    • Qualys Security Conferences ‘12Las Vegas, Munich, London and Paris http://www.qualys.com/qsc 28
    • Thank You mskalicky@qualys.com