• Overview
• Success Stories
• Quotes
• Awards

Success - On Time, On Budget, On Demand

For us, the only way to measure success is through the results we deliver to each and every customer. Achieving effective IT security and regulatory compliance, in harmony with business objectives, is imperative for our customers' success - regardless of the uniqueness of their business, their culture and size. Here's how, in their words, we've helped thousands of companies get there.

Education

• Colby Sawyer

Financial Services

• American State Bank
• Bank of the West
• Commercial Bank of Dubai
• EarthMover Credit Union
• Fiducia IT AG
• Fifth Third Bancorp
• First Bank & Trust
• New York Board of Trade
• Standard Chartered Bank
• VSR Financial Services
• WesCorp

Government

• European Patent Office
• Florida Department of Health
• Marine Corps Community Services

Healthcare

• American Specialty Health
• Geisinger Health System

Insurance

• AXA Investment Managers
• CIGNA Corporation
• VGZ-IZA-Trias

Manufacturing

• ICI
• Jelly Belly Candy Company
• McDonald's France

Not-for-Profit

• The Humane Society of the United States

Publishing/Media

• Journal Communications, Inc.
• RR Donnelley

Services

• Arval
• Digital Resources Group
• Jacadis
• Joel Lanz
• R. Kinney Williams & Associates
• Sodexo

Technology

• eBay
• Oracle
• RightNow Technologies
• SAS
• WebEx

Transportation

• Frontier Airlines

Read Case Study

Industry: Education

Headquarters: New London, New Hampshire

Students: 985+ undergraduates

Employees: 380+

"I can tell you that all of the time and effort we've invested in security has paid off. Our workload has been cut dramatically. We're much more efficient now — and much more secure. Qualys provides us the easiest way to prioritize and fix our software vulnerability and configuration issues. You plug it in, and it works."

Information Security Analyst

Objectives

• Provide effective IT security throughout its network to ensure a secure and highly-available academic environment.
• Manual vulnerability scans lacked visibility into Colby-Sawyer infrastructure, and failed to easily identify servers and vulnerabilities that jeopardized security and compliance efforts.

Results

• QualysGuard quickly became a critical part of its risk management program, enabling the college to conduct daily scans of its critical servers and externally-facing network addresses.
• Automated on demand security and vulnerability audits, highly accurate vulnerability and configuration scans, and comprehensive reporting capability.

Back to top

Read Case Study

Industry: Financial Services

Headquarters: Osceola, Iowa

Locations: 5 branches throughout Iowa

Total Assets: $289.4 million

"When we receive notifications from our QualysGuard scans we instantly see a comparison to the previous scan and know if everything is okay, or if there is a new vulnerability we need to take care of right away."

Network Administrator

Objectives

• Secure American State Bank's new online banking services.
• Meet internal and FDIC security compliance demands.

Results

• QualysGuard Express enables the bank to quickly and cost-effectively reduce security risks throughout the organization and meet complex banking regulatory demands.

Back to top

Read Case Study

Industry: Financial Services

Headquarters: San Francisco, California

Locations: 680+ branches throughout US

Employees: 10,700+

Customers: 3+ million households throughout 19 states

Total Assets: $54 billion

"The QualysGuard solution is easiest to deploy, requires the least maintenance in terms of day-to-day care and feeding, has the least potential for conflicts with our existing platforms and production environment, and is economical."

VP of Network Engineering and Operations

Objectives

• Efficiently identify and eliminate network vulnerabilities across multiple operating system platforms and applications.
• Regulatory reporting to prove security compliance.
• Rapid deployment and user training for a reliable vulnerability management solution.
• Ability to easily handle branch and company expansion.

Results

• With QualysGuard, Bank of the West was able to scan their entire network within hours and successfully identify and eliminate risks.
• Able to now meet regulatory security requirements using QualysGuard reports.
• Bank of the West has been able to effortlessly increase their use of QualysGuard as the network demands of the bank grow without any additional overhead or staff.

Back to top

Read Case Study

Industry: Financial Services

Headquarters: United Arab Emirates

Locations: 20+ branches

Business: Retail and commercial banking services

Annual Revenue: AED 600+ million

Total Assets: AED 18+ billion

"We no longer have to spend so much time checking the accuracy of scanner reports, or maintaining the software. We simply assess our network regularly and can trust Qualys' results."

Senior Manager and Head of IT Security

Objectives

• Needed an effective and efficient way to keep its network and IT infrastructure secure and updated with the latest security patches.
• Put into place an automated, repeatable, verifiable way to manage software vulnerabilities.
• Open source vulnerability scanners lacked accuracy, and IT security team-members had to spend inordinate amounts of time sorting the false positives from actual vulnerabilities.

Results

• CBD selected QualysGuard from Qualys Inc., thus enabling the bank to streamline control of its entire vulnerability management lifecycle: asset discovery, vulnerability assessments, and track security fixes.
• The thorough QualysGuard scans not only provide the ability to identify and mitigate vulnerabilities and misconfigurations; its comprehensive reporting can be tailored for security teams, IT operations, and the bank's business executives.
• Perhaps the greatest saving comes from QualysGuard's accuracy and the fact that security team members no longer have to waste extraordinary amounts of time chasing false positives.
• Today, CBD conducts automated QualysGuard scans of its internal network every week, and of its external, Internet-facing networks every day.

Back to top

Read Case Study

Industry: Financial Services

Headquarters: Oswego, IL

Business: Credit union serving the Chicago metropolitan area

Total Assets: $200+ million

Employees: 84+

"Qualys went above and beyond the other vendors. It thoroughly demonstrated its service, and helped walk me through an actual scan. It spent time teaching me the product. None of the competitors came close. The quality of the product and the demonstration cinched Qualys for me."

Information Technology Manager

Objectives

• Provide an additional, yet crucial, layer of defense to its existing IT and physical security safeguards through automated vulnerability assessments.
• Improve its vulnerability risk management program, which includes the ability to discover network assets and applications, identify vulnerabilities, provide remediation information and workflow, and then validate that the vulnerabilities have been fixed.

Results

• QualysGuard provided automated, and highly-accurate vulnerability identification.
• QualysGuard provides the credit union the ability to better discover and manage all of its networked devices - desktops, servers, routers, and more to create detailed reports that are used throughout all levels of administrators and business leaders.
• QualysGuard has dramatically improved vulnerability reporting, especially helpful for internal auditing and compliance efforts.

Back to top

Read Case Study

Industry: Finance Services

Headquarters: Karlsruhe - Germany

Employees: 3,000

"QualysGuard enables us to collect security and compliance information from all of our global IT assets without having to deploy agents and to leverage this data across multiple compliance and regulatory initiatives. This enables us to drastically reduce the cost of compliance reporting while gaining an accurate view of our security and compliance posture."

Chief Security Officer

Objectives

• Replacement of the Nessus opensource solution with a commercial risk-management tool

Results

• Easy implementation of the solution & self-explanatory
• Various views and reports
• Little administration and support required

Back to top

Read Case Study

Industry: Financial Services

Headquarters: Cincinnati, Ohio

Business: Diversified financial services company

Locations: Operates 18 affiliates with 1,167 full-service banking centers throughout the US

Employees: 21,000+

Annual Revenue: $8.5+ billion

Total Assets: $220 billion in managed assets

"It's not about being secure the day the auditors show up. It's about being secure and compliant every month, week, day, and hour. And QualysGuard helps us to achieve and demonstrate that continuous level of security and compliance."

Manager of Information Security Vulnerability Management Team

Objectives

• Fifth Third's vulnerability management team, dedicated to keeping 5,000 servers and 30,000 desktops secure, needed to move away from manual-based scanners that only allowed the team to run ad-hoc scans, and lacked the ability to centrally manage vulnerability data or trend the bank's risk management progress over time.
• Attain more accurate scan results and organize data by business units, system platforms, and any other way needed.

Results

• Fifth Third has 20 QualysGuard appliances deployed that continuously audit more than 30,000 specific IP addresses automatically throughout the bank's infrastructure.
• Via QualysGuard's ability to assign highly-specific asset tags, the bank can now parse its vulnerability information in any way it needs. The bank can break down its reporting by machine types, business units, and many other ways.
• Fifth Third has improved efficiency via the use of QualysGuard's API to automate report distribution to all IT managers, systems administrators and others.

Back to top

Read Case Study

Industry: Financial Services

Headquarters: New Orleans, Louisiana

Locations: 9 branches throughout New Orleans

Employees: 200+

"Not only do we use QualysGuard to perform all of our vulnerability assessments, it also helps us demonstrate compliance with financial regulations and manage overall business risk. We now have direct control over assessment and remediation — and a truer picture of security for the Bank's management."

Data Security Officer

Objectives

• Improve vulnerability assessment management and remediation processes.
• Cost-efficiently strengthen the security of bank networks, computers and applications.

Results

• QualysGuard Express provides cost-efficient, on demand vulnerability management - reducing risks and improving network security for the bank.

Back to top

Read Case Study

Industry: Financial Services

Headquarters: New York, New York

Locations: Global commodity futures and options trading exchange

"All it took was a phone call and less than an hour to get up and running. Implementation was amazingly easy. And the results were immediate. The return is instant; it was a no-brainer. I've got it to the point where, unless remediation is required, I spend 15 minutes a week to review reports from [our] security scans."

Chief Information Security Officer

Objectives

• Ability to constantly monitor security posture, and implement controls to minimize risk of trade interruptions.
• Consistently meet internal policy and regulatory requirements for NYBOT security and its backup trading sites.
• Attain these objectives without any increase in IT security personnel.

Results

• QualysGuard provided an immediate way for NYBOT to implement a comprehensive vulnerability management system.
• QualysGuard helped NYBOT to attain all key security and compliance objectives

Back to top

Read Case Study

Industry: Financial Services

Headquarters: London, UK

Locations: 1,400+ locations throughout more than 50 countries

Employees: 60,000+

"Being able to report on remediation and response plans has also helped us meet strict financial compliance requirements. QualysGuard reports give me and my security team an instant overview of the overall level of health of security in my organization."

Group Head of Information Security

Objectives

• An effective way to quickly and efficiently tackle critical security problems in the bank's high risk, high profile environment.
• Develop an effective, global, risk-driven approach to security in their highly distributed enterprise.

Results

• QualysGuard Enterprise provides the bank fast and efficient automated network discovery, patching, and fix verification.
• Effective patch prioritization and easy integration with the bank's existing proprietary security applications.

Back to top

Read Case Study

Industry: Financial Services

Headquarters: Overland Park, Kansas

Business: Full-service independent securities broker/dealer

Size: 300+ registered representatives, 80,000+ client accounts

"We wanted to secure our systems more efficiently, as well as prepare for new regulations. Qualys has helped us with both objectives."

Network Engineer

Objectives

• Sought a more effective way to enhance their security and regulatory compliance efforts by putting in place an effective and sustainable vulnerability and risk management program.
• Needed to move away from ad hoc security efforts to a more automated, accurate, and demonstrable way to maintain the security of the systems that support its 300 registered agents.
• Obtain clear, actionable vulnerability and risk reports for administrative staff and management.

Results

• VSR Financial chose QualysGuard from Qualys Inc., making it possible for the firm to streamline control of its entire vulnerability management lifecycle: asset discovery, vulnerability assessments, and track security fixes.
• The thorough QualysGuard scans not only provide the ability to identify and mitigate vulnerabilities and misconfigurations; its comprehensive and actionable reporting makes it possible to resolve issues as quickly as possible.
• Today, QualysGuard has helped VSR Financial to obtain its vulnerability management goals. And the firm is confident that QualysGuard will also keep it prepared for all possible future regulations that will affect the broker/dealer industry.

Back to top

Read Case Study

Industry: Financial Services

Headquarters: San Dimas, California

Locations: 1,000+ member/owner credit unions

Employees: 450+

Total Assets: $24+ billion

"In vulnerability management, it's all about response time. Qualys' remediation agent directly assigns tickets to fix things to my network technicians. The system then tracks those fixes."

Director of Enterprise Security

Objectives

• Move away from time-consuming, manual scans to automated vulnerability assessments.
• Ability to correlate and prioritize vulnerabilities to mitigate risks as soon as possible.

Results

• QualysGuard made it possible for WesCorp to conduct automated, on demand vulnerability scans.
• By correlating QualysGuard's vulnerability information with WesCorp's IT asset values, the financial services cooperative is able to instantly identify and remedy the most critical threats to its infrastructure.

Back to top

Read Case Study

Industry: Government

Headquarters: Rijswijk Zh, Zuid-Holland Netherlands

Business: Grants European patents for the contracting states to the European Patent Convention

Locations: 32 European nations, including every member state of the European Union

Employees: 6,500

"We tried a number of approaches to vulnerability scanning. But when we piloted QualysGuard, it just worked. And, because of Qualys' service model, it works with no overhead efforts from us. We don't have to manage a server, vulnerability updates, or any other hassles."

Director of Planning, Security and Inventory

Objectives

• As a result of the deployment of thousands of additional servers within its infrastructure, and the increased exposure of more of its internal IT systems to the Internet, the EPO needed', to find a way to streamline and automate vulnerability management.
• Secure its patent search portal, Esp@cenet, which offers more than 400 million pages of information and 100 different databases, freely available for search over the Internet.

Results

• Daily automated vulnerability assessments, QualysGuard's centralized management, and the correlation of real-time security events with EPO's other security tools provide the EPO with the ability to rapidly identify any risks posed against its systems — and quickly remedy any security concerns.
• QualysGuard's scalability met the demands of the EPO's rapid infrastructure growth.
• QualysGuard provides the low total cost of ownership the EPO sought. Qualys' on-demand architecture offers significant economic advantages with no capital expenditures, extra human resources, or infrastructure to deploy and manage.

Back to top

Read Case Study

Industry: Government

Headquarters: Tallahassee, Florida

Locations: Throughout Florida

Employees: 17,000+

Customers: 17+ million

"With QualysGuard, we gained the ability to automatically scan everything we own for vulnerabilities. And it provides us with a documentation path for all servers including best security practices, vulnerability ranking and patches."

Bureau Chief, Strategic IT

Objectives

• Revamp security policies and procedures to match legal requirements.
• Cost-efficiently improve network security of public health services and personal health data.
• Overcome lack of IT security staffing and distributed operations.

Results

• After a three month analysis of market alternatives, the Florida Department of Health (DOH) selected QualysGuard as its primary way to find vulnerabilities, manage the remediation process, and verify the execution of other automated security processes such as patching.
• The Florida DOH now scans its entire network once a month, and critical systems are scanned daily to ensure they meet all internal security and regulatory mandates.
• QualysGuard's service-based model allows the department to save up to 90 percent of the cost associated with manual, software-based vulnerability management processes.

Back to top

Read Case Study

Industry: Government

Headquarters: Quantico, Virginia

Scope: MCCS provides members of the U.S. Marine Corps the services they need during their time in uniform — from helping them run their finances, further their education, or relocate to their next station. MCCS also provides a growing number of restaurants, clubs, and stores, including 17 main exchanges, 96 branch and convenience stores, service stations, and more than a dozen clothing stores.

"QualysGuard has increased our efficiency and accuracy, and saves us a whole lot of time. We don't have to do much of anything except act on its reports. We don't have to chase down remediation information. And we know that our patches have been pushed out successfully. We always know that we're patched across the board."

Network Services Manager

Objectives

• Secure its IT infrastructure, which includes more than 900 routers, 300 Windows servers, approximately 160 UNIX servers, and about 160 IBM systems that handle retail point-of-sale and inventory.
• More accurately discover, manage and remedy the vulnerabilities across its network.

Results

• QualysGuard provided an automated, and highly-accurate way to help manage the MCCS' continuous vulnerability management program.
• QualysGuard security assessment results are fed to the MCCS' Windows Server Update Services (WSUS), a Microsoft tool that helps to facilitate the deployment of software updates. Now, the vulnerability mitigation and patching processes associated with 160 different Windows applications is managed by a five person administrative staff.

Back to top

Read Case Study

Industry: Healthcare

Headquarters: San Diego, California

Business: ASH provides complementary health benefits, fitness, and health improvement programs

Size: National, 13+ million members, Privately held

Employees: 380+

"I've never found any other vulnerability management tool that is as comprehensive as QualysGuard. We never have encountered a situation in which a third-party audit found something QualysGuard didn't."

Senior Director of IT Operations and Information Security Officer

Objectives

• Cost-effectively achieve ongoing IT security and regulatory compliance risk mitigation for its own network.
• Simplify PCI compliance.
• ASH doesn't have a staff dedicated to IT security; as a result, its IT director and system administration team need the most automated way to keep its systems secure and compliant.

Results

• QualysGuard provides the company the ability to centrally manage the risks associated with all of its networked assets, and quickly identify and remedy those that are out of policy, misconfigured, or otherwise vulnerable.
• As a PCI DSS-approved scanning vendor, Qualys makes it straightforward for ASH to conduct its annual self-assessments and quarterly network scans.
• QualysGuard provides ASH's system administrators with a proactive way to protect the company's network throughout the entire vulnerability management life cycle, including asset discovery, asset prioritization, vulnerability assessment and analysis, remediation planning, and fix verification.

Back to top

Read Case Study Article

Industry: Healthcare

Headquarters: Danville, Pennsylvania

Locations: 38 throughout Pennsylvania

Employees: 9,900+

Customers: 2.5+ million

Total Assets: $1.5+ billion

"QualysGuard reports are an excellent solution for documenting IT security controls and compliance with regulatory requirements. QualysGuard helps us protect the security and integrity of our systems supporting our electronic medical record systems."

Chief Information Security

Objectives

• Protect the security and integrity of EMR accessed online by clinical providers and patients, and comply with HIPAA security regulations.
• Provide and verify security for a complex system of several patient and clinical provider Web portals with more than 435 network applications, 70 of which feed data to the EMR system.

Results

• QualysGuard automatically finds vulnerabilities and documents remediation for its network that supports Geisinger's EMR system.
• QualysGuard proved to save time by automating the processes associated with vulnerability management: from host discovery and vulnerability assessment to fix verification.

Back to top

Read Case Study Article

Industry: Insurance

Headquarters: Paris, France (Parent)

Locations: Worldwide

Employees: 17,000+

Annual Revenue: $104+ billion

Customers: 17+ million

Stock Symbol: AXA (NYSE)

"QualysGuard is technically the best vulnerability management solution... and epitomizes my vision of the ideal vulnerability management platform."

Global Security Architect

Objectives

• Ability to ensure that public servers are highly secure, patches are up-to-date, and security policy standards are met without exception.
• Maintain operating efficiencies and optimize profitability by deploying cost-saving technologies.
• Accurate vulnerability data with comprehensive reporting.

Results

• QualysGuard Enterprise provides a comprehensive, 360-degree view of AXA's network security.
• A fully automated vulnerability management and workflow system for fast detection and remediation of security risks.
• Dynamic reporting presents immediate visibility of network security posture across the entire organization.

Back to top

Read Case Study

Industry: Healthcare

Headquarters: Philadelphia, Pennsylvania

Locations: Worldwide

Employees: 32,700+

Total Assets: $44+ billion

Stock Symbol: CI (NYSE)

"Before QualysGuard we had an ad hoc process; Qualys brought much stronger control and visibility into our processes. QualysGuard gives us the ability to detect our vulnerabilities across our network and really ensure that we have the level of security and compliance we need."

Chief Information Protection Officer

Objectives

• Meet diverse regulatory compliance mandates, including: Sarbanes-Oxley, Gramm-Leach-Bliley, the Health Insurance Portability and Accountability Act (HIPAA), and others.
• Ensure all systems are adequately secured, and that compliance controls remain in place.
• Quickly and accurately detect systems not in compliance as well as the ability to take quick corrective actions.
• Eliminate complex, ad-hoc processes for end-to-end vulnerability management.

Results

• QualysGuard enabled CIGNA to streamline control of its entire vulnerability management lifecycle: asset discovery, vulnerability assessments, track security fixes, and meet federal, state, and internal policy regulations.
• Ability to quickly assess its complex infrastructure to make certain that proper security and mitigating controls are always in place.

Back to top

Read Case Study

Industry: Healthcare

Headquarters: Netherlands

Employees: 2,300+

Customers: 106+ million

Annual Revenue: $7+ billion

"We have a responsibility to protect the health care information of our customers. With QualysGuard, we know we're doing just that."

ICT System Security Consultant at VGZ-IZA-Trias

Objectives

• VGZ-IZA-Trias sought an easy-to-deploy, highly accurate and automated way to manage and mitigate the vulnerabilities that threaten the security and regulatory compliance of its infrastructure.
• VGZ also needed a vulnerability management solution that would enable the company to scan its infrastructure whenever needed, be up-to-date with the latest security checks, and not prone to time-consuming false positives.
• Make certain VGZ's infrastructure remains compliant with Dutch government health care privacy regulations.

Results

• VGZ-IZA-Trias selected QualysGuard Enterprise to automatically identify and mitigate system vulnerabilities.
• QualysGuard eliminates the need for VGZ to deploy, maintain, and update any vulnerability management software.
• The in-depth remediation information provided from QualysGuard helps VGZ to quickly remedy any uncovered vulnerabilities.
• QualysGuard's 99.997% accuracy rate virtually eliminates all false positives.

Back to top

Read Case Study Q&A Article

Industry: Manufacturing

Headquarters: London, UK

Locations: Worldwide

Employees: 32,000+

Annual Revenue: $11.9+ billion

Stock Symbol: ICI (NYSE)

"If you can't measure security, you can't manage it. Qualys lets me measure and manage my network security. Their reports demonstrate ongoing security improvement in working with IT suppliers."

Director of Global Information Security

Objectives

• Attain a clear and accurate picture of at risk ICI devices.
• Worldwide deployment of network security auditing solution.
• Validate the network security of suppliers and ICI partners. And on demand ability to scan and see results from anywhere.

Results

• QualysGuard worldwide deployment completed within hours.
• ICI can now scan its entire global infrastructure for vulnerabilities at least once a week.
• Automated security audits and remediation workflow across the enterprise.
• Comprehensive documentation of ongoing security audits for management, auditors and government regulators.

Back to top

Read Case Study

Industry: Manufacturing

Headquarters: Fairfield, California

Locations: Worldwide

Employees: 670+

"We don't want the hassles of maintaining this type of software. It's pretty much hands-off to get the benefits with QualysGuard. We have not had any successful attacks since we installed QualysGuard."

Network Administrator and Security Specialist

Objectives

• As Jelly Belly brought many of its Web operations in-house, the company sought a way to enhance its network security capabilities to protect its e-commerce operations. This required its small IT staff to be able to conduct timely and comprehensive security analysis, scanning and remediation.

Results

• QualysGuard provides vulnerability and risk management monitoring for all of its external-facing servers and IT devices including routers, firewall, Web site, and e-mail.
• No need to dedicate staff to keep up with new vulnerabilities or update the on demand QualysGuard solution.

Back to top

Read Case Study

Industry: Manufacturing

Headquarters: Paris, France

Locations: 1,084+ restaurants (France)

Employees: 45,000+ (France)

Annual Revenue: $3.5+ billion (France)

Stock Symbol: MCD (NYSE)

"QualysGuard enables us to automate our internal and external vulnerability audits. We get a concise report of how both insiders and outsiders can view our systems, so we always can know how our systems are in compliance with our internal policies as well as regulations."

Manager of IT Infrastructure

Objectives

• McDonald's France, a subsidiary of McDonald's Corp., needed a way to automate its vulnerability assessments to make certain they're in continuous compliance with internal security policies, as well as such regulations as Sarbanes-Oxley and the Payment Card Industry Data Security Standard.
• Needed to automate many of the processes associated with vulnerability risk management: system discovery, vulnerability identification, and remediation.

Results

• McDonald's France turned to QualysGuard's on demand Web service and appliance to automatically identify and more effectively mitigate system vulnerabilities and misconfigurations.
• QualysGuard enables the company to streamline control of its entire vulnerability management life cycle — asset discovery, vulnerability assessment, security fix tracking — and meet federal, state and internal policy regulations.
• QualysGuard now plays a vital role in McDonald's France regulatory compliance efforts, helping the company to not only achieve security, but also to demonstrate to auditors how its system patches are always well maintained.

Back to top

Read Case Study Article

Industry: Not-For-Profit

Headquarters: Washington, DC

Business: Leading animal protection non-profit that fights for the protection of animal rights through advocacy, education, legislative, and hands-on programs.

Size The nation's largest animal protection organization with 10+ million members and constituents.

"By turning to QualysGuard PCI, we significantly save on the time and resources we need to dedicate to maintaining PCI Compliance."

Chief Information Officer

Objectives

• While the Humane Society had maintained a secure network, it was a costly and time-consuming process to continuously maintain PCI compliance.
• Needed a streamlined way to complete the required PCI DSS questionnaires and network vulnerability audits, and validate compliance to its acquiring banks.

Results

• QualysGuard PCI helps the Humane Society to automatically validate its PCI DSS compliance.
• QualysGuard helps the Humane Society protect its member and contributor information.
• The Humane Society is now able to quickly complete PCI DSS 'Self-Assessment Questionnaires' via QualysGuard.
• QualysGuard allows the Humane Society to document and submit proof of compliance to acquiring banks.

Back to top

Read Case Study

Industry: Media

Headquarters: Milwaukee, Wisconsin

Business: Diversified media company that operates 49 community newspapers and shoppers, 35 radio stations, and 12 TV stations in twelve states, plus 96 individual web sites

Employees: 3,500+

"It used to take us a month, or more, from the time a vulnerability was announced to when we knew it was resolved on our systems. Now, thanks to QualysGuard, it's down to hours."

VP of Information Technologies & CIO

Objectives

• Move away from slow, manual vulnerability scans, to automated and highly accurate vulnerability assessments.
• Automate many IT related compliance efforts through verifiable processes.

Results

• Through QualysGuard, Journal Communications is now able to conduct automated vulnerability assessments on internal systems every week, and Internet-facing systems are evaluated daily.
• QualysGuard makes it possible for Journal Communications to cost-effectively generate SOX-specific reports that measure, help to align, and document ongoing efforts to safeguard financial systems and data.

Back to top

Read Case Study

Industry: Publishing/Media

Headquarters: Chicago, Illinois

Locations: Worldwide

Employees: 60,000+

Annual Revenue: $11+ billion

Stock Symbol: RRD (NYSE)

"We really liked the simplicity of self-service that Qualys' on-demand model provides. All other solutions required self-installation of separate scanning servers, buying a SQL license, getting the database administrator and server people involved, and other overhead. With Qualys, we just installed one appliance and turned it on."

Director of Technology Services

Objectives

• Comprehensive vulnerability assessments were thwarted by complex applications, limited staffing and distributed operations.
• RR Donnelley sought a way to transform vulnerability management from being haphazard and reactive into regular, systematic evaluations of enterprise security.

Results

• QualysGuard provides a cost-efficient way for RR Donnelley to manage its network security risks.
• QualysGuard makes it possible for the company to conduct on demand vulnerability assessments throughout its global network.
• Every business unit immediately put the vulnerability management service to work without requiring more internal resources.

Back to top

Read Case Study

Industry: Financial Services

Headquarters: Swindon, United Kingdom

Business: Arval, a subsidiary of BNP Paribas, provides vehicle fleet financing and long-term contract hire

Size 5,500 employees

Locations: 30 countries, primarily throughout Europe

"While Qualys allows us to define our problems more clearly, the solution also enables us to focus our forces on resolving them (via incident and problem management) and anticipate conformity by providing the permanent audit unit with the indicators required in line with new legislation."

Corporate Information Security Officer

Objectives

• Streamline manual vulnerability analysis into an automated, seamless process that supports Arval's ITIL best practices and ISO 27001 framework.
• Enable Arval's security managers, working with limited resources and tight budgets, and rising regulatory constraints, to more effectively manage IT security and regulatory compliance risks.

Results

• QualysGuard provides automated and highly accurate vulnerability identification, while also integrating tightly within Arval's ITIL and ISO 27001 management practices.
• QualysGuard continuously assesses the security of Arval's internal, and externally-facing IT systems and has proven to scale along with Arval's rapid business expansion.
• QualysGuard provides Arval the ability to better discover and manage all of its networked devices - desktops, servers, routers, and more - to create detailed reports that are used by all levels of administrators and business leaders.
• QualysGuard has helped Arval to more proactively monitor and manage its internal auditing and compliance efforts.

Back to top

Read Case Study

Industry: IT Security Services

Headquarters: San Mateo, California

Business: Security assessments, consulting, and certification for retail organizations with credit card-based sales

Size: U.S. and international customers

"QualysGuard is a very valuable tool and a perfect fit for financial security certifications."

Managing Director

Objectives

• Find a cost-efficient way to conduct remote vulnerability management.
• Find an easy-to-use solution for clients without deep technical expertise.
• Implement an affordable vulnerability management solution.

Results

• QualysGuard proved to be the effective, cost-efficient solution.
• Enables provisioning of ongoing value-added security services to its customers.
• Easy to understand and use, and supports credit card security standards.

Back to top

Read Case Study

Industry: IT Security Services

Headquarters: Columbus, Ohio

Business: Security assessments and consulting for small to medium-sized businesses and state agencies

Size: Statewide. Five consultants.

"The reporting is so clean with Qualys that I don't need a high-dollar consultant explaining data to the customer. This boosts our margins and makes everyone happy."

CEO and Principal Consultant

Objectives

• Required a more reliable up-to-date vulnerability management tool that would free consultants.
• Prior software-based solutions were time-consuming and created enormous financial burdens to maintain and use.
• Sought an affordable vulnerability management solution.

Results

• QualysGuard proved to be the effective, cost-efficient solution.
• Jacadis can deliver security to small organizations without on-staff technical expertise.
• Jacadis has improved the security services it delivers to its clients and improved the efficiency of its consulting operations.

Back to top

Read Case Study

Industry: IT Security Services

Headquarters: Jericho, New York

Business: Risk management assurance and advisory services

Locations: Throughout US

"I couldn't compete with the larger IT consulting firms without QualysGuard."

Founder and Principal

Objectives

• Find an easy-to-use and accurate way to manage vulnerabilities for the firm's financial services customers.
• Prior software-based solutions were-time consuming and created enormous financial burdens to maintain and use.
• Sought an affordable vulnerability management solution.

Results

• QualysGuard enables Joel Lanz to provide clients highly accurate and thorough security assessments.
• Ease of identifying client network assets and vulnerabilities through Qualys' on demand architecture.
• Cost-effective.
• Comprehensive and customizable reporting features.

Back to top

Read Case Study

Industry: IT Security Services

Headquarters: Lubbock, Texas

Business: Audits the Internet security of federally insured deposit institutions for proof of regulatory compliance and board fiduciary responsibilities

Locations: National

"I use Qualys as the foundation of my Internet security testing service."

Principal Auditor

Objectives

• Required a faster, more cost-efficient way to independently audit the Internet security of federally insured deposit institutions.
• Needed to replace a software-based solution that was unreliable, always out-of-date, time-consuming, and complicated to use with clients in 39 states.

Results

• QualysGuard enables independent audits with reliable, comprehensive, and easy to use interface.
• Easy to use for a 'non technical' auditor.
• Dramatically cut costs of doing independent audits cost-effectively.
• Always up-to-date with current vulnerabilities.

Back to top

Read Case Study

Industry: Food and Management Services

Headquarters: France

Business: A world leader in Food and Facilities Management services

Locations: Worldwide

Employees: 342,000+ employees in 80+ countries

Annual Revenue: € 13.4 billon (2007)

"Five years on, we are still using the same solution but on a much broader geographic and functional scope. Herein lies the strength of the Software as a Se