Risk
1/20/2012
04:28 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Qualys Launches New Freemium Web Security Service For SMBs

FreeScan performs comprehensive scans on websites or publicly facing IP addresses

Redwood Shores, Calif., January 18, 2012 – Qualys Inc., the leading provider of cloud-based IT security and compliance management solutions, today announced the availability of its new and improved FreeScan service to help small and medium businesses (SMBs) audit and protect their web sites from security vulnerabilities and malware infections. The new FreeScan service allows SMBs to scan their web sites for malware, network and web application vulnerabilities, as well as SSL certificate validation, helping web site owners identify risk before hackers do in order to prevent data beaches and protect online visitors from infections. The new FreeScan is now available at: http://www.qualys.com/audit.

As web sites grow ever more complex and users spend ever more time online, cybercriminals are stepping up their game to focus on exploiting legitimate sites – and the trust placed in those sites by users. Techniques such as cross-site scripting (XSS) and SQL injection attacks enable hackers to take control of web sites “behind the scenes,” redirecting users without their knowledge in order to steal data or spread malware.

"Web sites are often vulnerable to attack, and oftentimes sites are compromised without the knowledge of the web site owners or its users," said Scott Crawford, research director for EMA. "While organizations want to ensure security, many lack the resources to identify possible security issues, or they do not know where to start. Using a free service like Qualys FreeScan can help organizations proactively gain visibility into possible issues so they can take the steps needed to protect their web sites and online visitors."

Powered by Qualys’ cloud-based platform that hosts the QualysGuard' security and compliance suite of applications, FreeScan is an easy-to-use service that allows customers to perform comprehensive scans on web sites or publicly facing IP addresses. The free service scans for:

Network perimeter vulnerabilities Web application vulnerabilities Web site malware infections SSL certificate validity

The scan results also provide guidance on remediation to fix identified vulnerabilities and remove malware infections.

“In our continuous effort to make security and compliance easy and affordable, we’re pleased to expand our popular FreeScan service so smaller businesses can protect their internet presence as larger enterprises do,” said Philippe Courtot, chairman and CEO for Qualys.

Availability of Qualys FreeScan Qualys FreeScan is available now to users who register at http://qualys.com/audit. FreeScan allows each customer to run up to five scans on their web sites or publicly facing IP addresses at no cost.

About Qualys

Qualys, Inc. is the leading provider of cloud-based information security and compliance solutions with 5,500+ customers in 85 countries, including 50 of the Forbes Global 100. The Qualys cloud-based platform and integrated suite of applications helps businesses simplify security operations and lower the cost of compliance, delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).

For more information, please visit www.qualys.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mya
50%
50%
Mya,
User Rank: Apprentice
1/23/2012 | 10:51:49 AM
re: Qualys Launches New Freemium Web Security Service For SMBs
The content of this page is informative and good
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.