Risk
1/20/2012
04:28 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Qualys Launches New Freemium Web Security Service For SMBs

FreeScan performs comprehensive scans on websites or publicly facing IP addresses

Redwood Shores, Calif., January 18, 2012 – Qualys Inc., the leading provider of cloud-based IT security and compliance management solutions, today announced the availability of its new and improved FreeScan service to help small and medium businesses (SMBs) audit and protect their web sites from security vulnerabilities and malware infections. The new FreeScan service allows SMBs to scan their web sites for malware, network and web application vulnerabilities, as well as SSL certificate validation, helping web site owners identify risk before hackers do in order to prevent data beaches and protect online visitors from infections. The new FreeScan is now available at: http://www.qualys.com/audit.

As web sites grow ever more complex and users spend ever more time online, cybercriminals are stepping up their game to focus on exploiting legitimate sites – and the trust placed in those sites by users. Techniques such as cross-site scripting (XSS) and SQL injection attacks enable hackers to take control of web sites “behind the scenes,” redirecting users without their knowledge in order to steal data or spread malware.

"Web sites are often vulnerable to attack, and oftentimes sites are compromised without the knowledge of the web site owners or its users," said Scott Crawford, research director for EMA. "While organizations want to ensure security, many lack the resources to identify possible security issues, or they do not know where to start. Using a free service like Qualys FreeScan can help organizations proactively gain visibility into possible issues so they can take the steps needed to protect their web sites and online visitors."

Powered by Qualys’ cloud-based platform that hosts the QualysGuard' security and compliance suite of applications, FreeScan is an easy-to-use service that allows customers to perform comprehensive scans on web sites or publicly facing IP addresses. The free service scans for:

Network perimeter vulnerabilities Web application vulnerabilities Web site malware infections SSL certificate validity

The scan results also provide guidance on remediation to fix identified vulnerabilities and remove malware infections.

“In our continuous effort to make security and compliance easy and affordable, we’re pleased to expand our popular FreeScan service so smaller businesses can protect their internet presence as larger enterprises do,” said Philippe Courtot, chairman and CEO for Qualys.

Availability of Qualys FreeScan Qualys FreeScan is available now to users who register at http://qualys.com/audit. FreeScan allows each customer to run up to five scans on their web sites or publicly facing IP addresses at no cost.

About Qualys

Qualys, Inc. is the leading provider of cloud-based information security and compliance solutions with 5,500+ customers in 85 countries, including 50 of the Forbes Global 100. The Qualys cloud-based platform and integrated suite of applications helps businesses simplify security operations and lower the cost of compliance, delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).

For more information, please visit www.qualys.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mya
50%
50%
Mya,
User Rank: Apprentice
1/23/2012 | 10:51:49 AM
re: Qualys Launches New Freemium Web Security Service For SMBs
The content of this page is informative and good
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web