Qualys has unveiled TruRisk Eliminate, a comprehensive remediation solution that extends beyond patching to help organisations further reduce risk. It provides additional innovative remediation methods when patching isn’t feasible. This approach uses patchless patching, targeted isolation, and other mitigation strategies to ensure robust protection. Patch management is a core capabilityRead More…
According to new research from the Qualys Threat Research Unit (TRU), between January to mid-July, the Common Vulnerabilities and Exposures (CVEs) count rose by 30% from 17,114 in 2023 to 22,254 in 2024. The increase in CVEs reflects rising software complexityRead More…
Qualys has announced the launch of its API security platform that leverages AI-powered scanning and deep learning-based web malware detection to secure web apps and APIs across the entire attack surface, including on-premises web servers, databases, hybrid, multi-cloud environments, API gateways, containerised architectures, and microservices. APIs are integral to digitalRead More…
The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents aRead More…
Qualys has announced the launch of CyberSecurity Asset Management 3.0, an expansion of the Enterprise TruRisk Platform. This update integrates its leading vulnerability assessment capability into its External Attack Surface Management (EASM) solution delivering an accurate, real-time view of the external attack surface that eliminates more false positives to mitigateRead More…
Qualys has announced the launch of its Managed Security Services Partner (MSSP) Portal as part of the growth and evolution of its partner management strategy. Qualys’ global MSSP partners now have access to a unified platform that streamlines client, subscription, and security services management for enhanced operational efficiencies, enabling increasedRead More…
Qualys has announced it is offering free 30-day access to the Qualys Enterprise TruRisk Platform to aid organisations in efficiently discovering and classifying internet-facing and internal-facing assets, and prioritising vulnerabilities for swift and safe remediation, aligning with the UK’s National Cyber Security Centre (NCSC) 5-7 days guidance. NCSC recently released guidance recommending patchingRead More…
Qualys has announced it has received cloud service provider (CSP) certification from the Dubai Electronic Security Center (DESC). The certification confirms that Qualys’ cloud services, within the certification scope, operate according to DESC’s CSP Security Standard requirements.Read More…
