Qualys is present in 7 markets with 9 products. Qualys has 954 reviews with an overall average rating of 4.5.
Application Security Testing
Gartner defines the application security testing (AST) market as consisting of providers of products that enable organizations to assess applications for the presence and management of risk. These products identify risk by evaluating source code, performing runtime tests and inspecting supply chain components. AST products can be integrated throughout development workflows for continuous assessment or be used to perform ad hoc evaluations. They enable organizations to manage application risks by providing an integrated set of capabilities for risk identification, prioritization and triage, policy evaluation and enforcement, and remediation assistance. Market offerings are available in on-premises, SaaS and hybrid delivery models. Organizations leverage AST products to assess applications for the presence of security vulnerabilities and other risks (e.g., legal and operational) throughout their life cycle. These assessments are used to measure and manage the risks within individual applications, application components or groups of applications in the context of their business criticality and other key attributes (e.g., environment, sensitive data handling, etc.). AST products further enable organizations to evaluate software for compliance with internal policies as well as regulatory requirements established by governments or authoritative industry groups.
Qualys has 1 product in Application Security Testing market
Cloud Web Application and API Protection
Gartner defines cloud web application and API protection (WAAP) as a category of security solutions designed to protect web applications and APIs from different types of attacks, irrespective of the hosting location. Typically delivered as a service, cloud WAAP is a consolidation of multiple capabilities offered as a series of security modules and designed to protect against a broad range of runtime attacks. Core capabilities are web application firewalls (WAFs), distributed denial of service (DDoS) mitigation, protection against advanced API attacks and automated (bot) traffic management. A cloud WAAP solution must incorporate all four core capabilities within the same offering.
Qualys has 1 product in Cloud Web Application and API Protection market
Cloud-Native Application Protection Platforms
Cloud-native application protection platforms (CNAPPs) are a unified and tightly integrated set of security and compliance capabilities, designed to protect cloud-native infrastructure and applications. CNAPPs incorporate an integrated set of proactive and reactive security capabilities, including artifact scanning, security guardrails, configuration and compliance management, risk detection and prioritization, and behavioral analytics, providing visibility, governance and control from code creation to production runtime. CNAPP solutions use a combination of API integrations with leading cloud platform providers, continuous integration/continuous development (CI/CD) pipeline integrations, and agent and agentless workload integration to offer combined development and runtime security coverage.
Qualys has 1 product in Cloud-Native Application Protection Platforms market
Cyber Asset Attack Surface Management
Cyber asset attack surface management (CAASM) is focused on enabling security teams to overcome asset visibility and exposure challenges. It enables organizations to see all assets (internal and external), primarily through API integrations with existing tools, query consolidated data, identify the scope of vulnerabilities and gaps in security controls. These tools then continuously monitor and analyze detected vulnerabilities to drill down the most critical threats to the business and prioritize necessary remediation and mitigation actions for improved cyber security.
Qualys has 1 product in Cyber Asset Attack Surface Management market
Endpoint Protection Platforms
Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, virtual desktops, mobile devices and, in some cases, servers — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections and file-less attacks using a combination of security techniques (such as static and behavioral analysis) and attack surface reduction capabilities (such as device control, host firewall management and application control). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the endpoint attack surface and minimize the risk of compromise. EPP detection and response capabilities are used to uncover, investigate and respond to endpoint threats that evade security protection, often as a part of broader threat detection, investigation and response (TDIR) capable products.
Qualys has 1 product in Endpoint Protection Platforms market
Exposure Assessment Platforms
Exposure assessment platforms (EAPs) continuously identify and prioritize exposures, such as vulnerabilities and misconfigurations, across a broad range of asset classes. They natively deliver or integrate with discovery capabilities, such as assessment tools, that enumerate exposures, like vulnerabilities and configuration issues, to increase visibility. EAPs use techniques like threat intelligence (TI) to analyze an organization’s attack surfaces and weaknesses, and prioritize treatment efforts for high-risk exposures by incorporating threat landscape, business and existing security control context. Through prioritized visualizations and treatment recommendations, EAPs help provide direction for mobilization, identifying the various teams involved in mitigation and remediation. EAPs are primarily delivered as self-hosted software or as a cloud service, and may use agents for exposure information collection.
Qualys has 1 product in Exposure Assessment Platforms market
Vulnerability Assessment
VA solutions identify, categorize and prioritize vulnerabilities as well as orchestrate their remediation or mitigation. Their primary focus is vulnerability and security configuration assessments for enterprise risk identification and reduction, and reporting against various compliance standards. VA can be delivered via on-premises, hosted and cloud-based solutions, and it may use appliances and agents. Core capabilities include: - Discovery, identification and reporting on device, OS, software vulnerabilities and configuration against security-related criteria - Establishing a baseline for systems, applications and databases to identify and track changes in state - Reporting options for compliance, control frameworks and multiple roles Standard capabilities include: - Pragmatic remediation prioritization with the ability to correlate vulnerability severity, asset context and threat context that then presents a better picture of true risk for your specific environment - Guidance for remediating and configuring compensating controls - Management of scanner instances, agents and gateways - Direct integration with, or API access to, asset management tools, workflow management tools and patch management tools
Qualys has 3 products in Vulnerability Assessment market
- 1 more product