Overview

The Qualys Gov Platform is the only comprehensive FedRAMP-authorized security and compliance assessment platform. The platform is easy to implement, easy to use, fully scalable to millions of assets – and consolidates numerous security and compliance use cases to offer government agencies a unified and strategic approach for securing digital transformation initiatives. The platform scales to millions of assets, allowing customers to add coverage, users and services as needed seamlessly. It offers unparalleled ease of deployment and slashes the costs and complexity associated with acquiring, installing and maintaining on-premises security software. Qualys is a founding member of the Cloud Security Alliance (CSA) and the Qualys Gov Platform is on the DHS CDM Approved Product List.

Products

  • Qualys Vulnerability Management

    Qualys VM is a cloud service that gives you immediate, global visibility into where your IT systems might be vulnerable to the latest Internet threats and how to protect them.

  • Qualys Continuous Monitoring (CM)

    Qualys Continuous Monitoring (CM) is a next-generation cloud service that gives you the ability to identify threats and monitor unexpected changes in your network before they turn into breaches.

  • Qualys Policy Compliance (PC)

    Qualys Policy Compliance (PC) is a cloud service that performs automated security configuration assessments on IT systems throughout your network.

  • Global IT Asset Inventory

    The Global IT Asset Inventory solution provides cohesive hardware and software asset inventory capabilities across remotely deployed systems, system within elastic-clouds, and on-premise systems. This includes the ability to quickly identify end of life, unused and unauthorized software wherever it resides as well as specific software metadata to include publisher, product, market versions, and counts of instances while also solving the issue of naming variance to better categorize and identify software. Qualys Global IT Asset Inventory also blends in system information to better contextualize the full scope of asset inventory. This solution can assist Federal agencies as they continue to support a remote/telework workforce.

  • Qualys ThreatPROTECT

    Qualys ThreatPROTECT is a cloud-based solution that helps organizations automatically prioritize vulnerabilities by correlating active threats against vulnerabilities.

  • Qualys Web Application Scanning (WAS)

    Qualys Web Application Scanning (WAS) is a cloud service that provides automated crawling and testing of custom web applications to identify vulnerabilities including cross-site scripting (XSS) and SQL injection.

  • Qualys Web Application Firewall (WAF)

    Qualys Web Application Firewall (WAF) is a next-generation cloud service that provides a automated and adaptive approach to protecting web applications by efficiently blocking application layer attacks.

  • Qualys File Integrity Monitoring (FIM)

    Qualys File Integrity Monitoring (FIM) logs and centrally tracks file change events across global IT systems providing centralized cloud-based visibility of activity resulting from normal patching and administrative tasks, change control exceptions or violations, or malicious activity.

  • Qualys Patch Management

    The Qualys Patch Management solution provides for streamlined and accelerated vulnerability remediation for deployed systems, system within elastic-clouds, and on-premise systems. This includes the ability to automatically discover, prioritize and remediate vulnerabilities on a global scale. Solution provides automated correlation of vulnerability and patch data as well as the ability to patch 3rd party applications wherever they may reside. This solution can assist Federal agencies as they continue to support a remote/telework workforce without relying on legacy on-premise patching solutions.

Contracts

Federal

GSA Schedule 70

GS-35F-0119Y
Dec 20, 2011- Dec 19, 2021

SEWP V

NNG15SC03B/NNG15SC27B
May 01, 2015- Apr 30, 2025

ITES-SW

W52P1J-15-D-0008
Mar 03, 2015- Aug 10, 2020
*Additional Option Years Available

State and Local

City of Seattle Contract

0000003265
Jul 11, 2014- Dec 19, 2021

Department of General Services PA - Symantec

4400004253
May 01, 2009- Dec 19, 2021

State of Indiana Contract

0000000000000000000021430
Aug 01, 2017- Jul 31, 2021

State of New Mexico Contract

80-000-18-00002
Aug 01, 2017- Aug 01, 2021

Education

Massachusetts Higher Education Consortium (MHEC)

MC15-04
Aug 10, 2019- Jun 30, 2022

Events

Archived Events

News

Latest News

Qualys, Inc. , a pioneer and FedRAMP Authorized cloud-based IT, security and compliance solution provider today announced the availability of Qualys Remote Endpoint Protection for U.S. federal ...
READ MORE >
Qualys, Inc., a pioneer and leading provider of cloud-based security and compliance solutions, today announced its highly successful Global IT Asset Discovery and Inventory app is available for ...
READ MORE >
Qualys, Inc., a pioneer and leading provider of cloud-based security and compliance solutions, today announced an expanded partnership under which Carahsoft will proactively market, sell and ...
READ MORE >

Resources

Blog

IT organizations around the world are responding to the challenge posed by COVID-19 by ensuring that employees are able to work productively from remote locations. As we are experiencing a never-before-seen explosion of remote endpoints connecting to critical assets of the organization, security of ...

Datasheet

Qualys Malware Detection (MD) allows organizations to proactively scan their websites for malware, providing automated alerts and in-depth reporting to enable prompt identification and resolution.

Qualys Policy Compliance (PC) is a cloud service that performs automated security configuration assessments on IT systems throughout your network. It helps you to reduce risk and continuously comply with internal policies and external regulations.

Qualys PCI Compliance (PCI) provides businesses, online merchants and Member Service Providers the easiest, most cost-effective and highly-automated way to achieve compliance with the Payment Card Industry Data Security Standard.

Qualys ThreatPROTECT (TP) is a cloud-based service that correlates external threat data against an organization’s internal vulnerabilities & lets IT pros automatically prioritize remediation work, such as patch deployment & risk mitigation.

Qualys Vulnerability Management (VM) is a cloud-based service that gives you immediate, global visibility into where your IT systems might be vulnerable to the latest Internet threats and how to protect them. It helps you to continuously identify threats and monitor unexpected changes in your networ...

Qualys Web Application Scanning (WAS) is a cloud-based service that provides automated crawling and testing of custom web applications to identify vulnerabilities including cross-site scripting (XSS) and SQL injection.

Guide

This guide provides a unified and strategic approach for federal agencies’ security and compliance. As the only security vendor with a FedRAMP certified scanning platform, Qualys has the experience and technology to help civilian and defense federal agencies, as well as state and local governments...

Presentation

In this presentation, Nicolas Chaillan, Federal Chief Technology Officer at Qualys, discusses the Qualys Gov Platform, its cybersecurity and compliance strategies, and its unique security features.

Resources

Knowing what's connected to your hybrid-IT environment is fundamental to security. Simply put, you can't secure what you can't see. Built on the Qualys FedRAMP authorized cloud platform, Qualys Global IT Asset Inventory easily finds all your IT assets wherever they reside. On-prem devices and applic...