Qualys Web Application Firewall Version 2.0 Includes Virtual Patching and Event Response Capabilities, Along with Tight Integration of Qualys WAS; Enables Organizations to Efficiently Address Web Application Security
SAN FRANCISCO, CA--(Marketwired - Apr 21, 2015) - RSA Conference USA 2015, Booth #N3421 -- Qualys, Inc. (
"While web application firewall solutions have long been deemed too complex to set up and manage, today's vendors have made significant investments in product development to simplify and automate WAF functionality," said Chris Rodriguez, senior industry analyst, Frost & Sullivan. "Qualys' ability to provide an end-to-end solution that combines web application scanning and web application firewall to effectively to detect and mitigate vulnerabilities is a strong value proposition and is in alignment with where we believe the WAF market is heading."
As hackers continue to find new ways to penetrate web applications, WAFs can detect, alert and block known attacks. With the latest version of Qualys WAF, users can now create "virtual patch" rules in direct response to their Qualys WAS findings, to enable rapid false positive resolution, as well as customization of security rules tailored for the organization's environment. This helps customers better tune security policies, quickly remove false positives, and easily customize WAF security rules for web applications.
Qualys Web Application Firewall is a next-generation cloud service that brings an unparalleled combination of scalability and simplicity to web app security. Its automated, adaptive approach provides organizations with the following:
Tight Integration with Qualys Web Application Scanning
Qualys WAS provides customers the ability to continuously discover, catalog and scan web applications on a global scale with a high degree of accuracy. It provides the industry's first continuous progressive scanning capability to scan and monitor thousands of web apps. Qualys WAS crawls and tests web applications for OWASP top 10 risks, SQL injection, Cross-Site Scripting, and web site misconfigurations. By tightly integrating the scan and the firewall, when Qualys WAS identifies a threat or a risk, it can automatically deploy the relevant virtual patch to the Qualys WAF to mitigate associated risks.
Additionally, Qualys WAF monitors all web pages visited by users and automatically shares this information back to the web application scanner, ensuring these pages are not missed during the next scan. Such an approach helps block attacks on web app vulnerabilities, prevent disclosure of sensitive information and control where and when applications are accessed.
"Many organizations are struggling to find a balance between identifying and effectively addressing vulnerabilities fast enough to avoid falling victim to large-scale breaches," said Philippe Courtot, chairman and CEO of Qualys, Inc. "By integrating security rules and policies from our WAF solution with Qualys WAS data, we are providing significant value to our customers with the flexibility and automation needed to tackle web application security threats. It's a giant step towards complete automation of web application security."
Availability
Qualys Web Application Firewall is now available and sold as an annual subscription starting at $1,995 for small businesses and $9,995 for larger enterprises based on the number of web applications and virtual appliances. Visit https://www.qualys.com/WAF for more pricing and additional information.
Additional Resources
About Qualys, Inc.
Qualys, Inc. (
Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
Contact Information:
MEDIA CONTACTS
Melissa Liton
Qualys, Inc.
(650) 801-6242
Michelle Kincaid
LEWIS PR on behalf of Qualys
(415) 432-2467