PRESS RELEASE

SAN FRANCISCO --(Business Wire)-- Mar 01, 2010 Qualys', Inc., the leading provider of on demand IT security risk and compliance management solutions, today at RSA Conference USA 2010 (Booth# 1432) introduced Qualys GO SECURE " a new service that allows businesses of all sizes to test their web sites for the presence of malware, network and web application vulnerabilities, as well as SSL certificate validation. Once a web site passes the four comprehensive security tests, the Qualys GO SECURE service generates a Qualys SECURE seal for the merchant to display on their web site demonstrating to online customers that their company is maintaining a rigorous and proactive security program.

As more and more business is transacted over the Internet, it is important for consumers to know that the web sites they visit are taking online security seriously. By using the Qualys SECURE seal, businesses can demonstrate that their web sites are following rigorous security testing procedures on a regular basis. If malware or a vulnerability that could lead to infection of online visitors or compromise of the web site is identified by the GO SECURE service, the merchant is immediately notified and the seal is subsequently removed. After the merchant removes the malware or remediates the vulnerability either by fixing or mitigating it, then the Qualys SECURE seal is re-instated automatically.

"Cybercriminals are increasingly exploiting flaws within web sites to install drive-by malware and steal customer data. To maintain confidence in e-commerce, businesses must improve security of their web sites," said Charles Kolodgy, research director for security products at IDC. "Qualys, the leading on demand vulnerability management vendor, is bringing its expertise to enterprises to help them combat web borne malware and identifying and removing vulnerabilities."

The Qualys GO SECURE service validates that a web site has gone through a comprehensive security test by scanning for:

* Perimeter vulnerabilities identifying externally facing vulnerabilities of the web server that could give attackers access to information stored on the host * Web application vulnerabilities by crawling and injecting http requests to the web application to identify vulnerabilities such as SQL injection and cross-site scripting (XSS) * Malware detection to identify malicious software that could be hosted by the web site and infect visitors * SSL certificate validation to verify the web site is using an up-to-date SSL certificate from a trusted certificate authority (CA) for encryption of sensitive information during online transactions

"As more and more business and activities move to the cloud, we now all face greater security threats," said Philippe Courtot, chairman and CEO for Qualys. "Our goal in launching the Qualys GO SECURE service is to empower businesses with a comprehensive and affordable program to proactively secure their web sites and demonstrate their commitment to protecting online customers and their data from any breaches."

Qualys today also announced QualysGuard' Malware Detection, a new free service that enables organizations to accurately identify the presence of malware on their web sites.

Availability

Available today in Beta, Qualys GO SECURE subscriptions are sold annually starting at $995 per web site. To sign up for this service, please visit http://www.qualys.com/GOSECURE.

About Qualys

Qualys, Inc. is the leading provider of on demand IT security risk and compliance management solutions " delivered as a service. Qualys' Software-as-a-Service solutions are deployed in a matter of hours anywhere in the world, providing customers an immediate and continuous view of their security and compliance postures.

The QualysGuard' service is used today by more than 4,000 organizations in 85 countries, including 42 of the Fortune Global 100 and performs more than 500 million IP audits per year. Qualys has the largest vulnerability management deployment in the world at a Fortune Global 50 company.

Qualys has established strategic agreements with leading managed service providers and consulting organizations including BT, Etisalat, Fujitsu, IBM, I(TS)2, LAC, NTT, SecureWorks, Symantec, Tata Communications and TELUS.

For more information, please visit www.qualys.com.