Web Applications Security Scanner Introduced

Today's Best Tech Deals

Picked by PCWorld's Editors

Top Deals On Great Products

Picked by Techconnect's Editors

At RSA Conference 2009 Qualys will announce its own Web-application scanning software and plans to develop or acquire technology to defend the vulnerabilities it finds.

Web Application Scanning will crawl Web applications as if it is an attacker seeking flaws to exploit, then report on the problems it finds, says Phillipe Courtout, chairman and CEO of Qualys.

Customers can then shield the applications with Web application firewalls or rewrite the application code to patch the vulnerabilities, he says. Over the next year or so, the company plans to acquire or license technology that will enable it to offer services that defend against the flaws the scanning service discovers, he says.

The company is also announcing the 2.0 version of its QualysGuard Policy Compliance service that scans network devices and reports whether they comply with data security policies. The new version expands the service's support to more databases and operating systems. It also supports custom controls that corporate customers might have that are outside standard regulatory and industry policies impose.

Qualys is announcing a new API to its compliance platform to allow integration with vendors whose products contribute to ensuring payment card industry compliance. With the API, these third-party security vendors can share data gathered about network security that can be used to show PCI compliance, Courtout says.

This story, "Web Applications Security Scanner Introduced" was originally published by Network World.

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.
Shop Tech Products at Amazon