Qualys releases second generation of on demand PCI compliance platform
December 2007 by Emmanuelle Lamandé
Qualys announces the availability of its second-generation QualysGuard PCI platform. Built on Qualys’ well known, accurate and non-intrusive on demand scanning technology, QualysGuard PCI 2.0 reduces the cost and complexity of achieving PCI compliance with enterprise-level scanning and reporting capabilities with the ability to submit compliance status to multiple acquiring banks simultaneously.
Any organization accepting credit card payments must comply with the standards outlined by the Payment Card Industry (PCI). Recent data breaches and subsequent enforcement of PCI Data Security Standard (DSS) fines have reinforced the importance of granular, ongoing management and monitoring of a merchant’s PCI compliance status.
Qualys’ On Demand PCI solution has become a de facto standard for merchants looking to comply with PCI, automating the ongoing task of scanning for security vulnerabilities and managing the remediation process. QualysGuard PCI 2.0 builds on the significant adoption of the platform, currently in use at organizations such as the Humane Society, Tribune Company, Steak and Shake restaurants, Houghton Mifflin Company and Palm, Inc., a global leader and innovator of easy-to-use mobile products.
QualysGuard PCI 2.0 has a new refined user interface making it even simpler to navigate through the process of scanning, remediating and e-filing customers’ network compliance executive reports to multiple acquiring banks. Additional new features include:
• Segmented Scanning: Merchants can now break out the network into meaningful segments to scan a select number of IPs at a time.
• Reporting: New vulnerability reporting enables customers to run reports on specific search criteria and also compiles all the latest information from scans on their network to calculate compliance status.
• Questionnaires: The PCI 2.0 questionnaire interface now allows multiple questionnaires to be generated for separate business units. Also, merchants can now submit up to five different acquiring banks at any one time – meeting the needs of the larger enterprise that maintains different acquiring relationships.
• Guidance and Expertise: Qualys’ questionnaire process now includes additional tips and easy-to-use navigation for guiding merchants through the application and answering the questions appropriately. Customers can also add comments for each question to clarify points directly with their acquiring bank.
QualysGuard PCI gives partners the tools they need to quickly and accurately evaluate the security of a merchant’s entire network and then prioritize remediation efforts based on the risk the vulnerabilities pose to the organization’s PCI compliance posture. Over 50 percent of all PCI DSS Approved Scanning Vendors (ASVs) and Qualified Security Assessors (QSAs) utilize QualysGuard to deliver PCI certification and PCI-related services to their clients, bringing the total number of partners that have adopted Qualys’ platform to 250.
Pricing and Availability
QualysGuard PCI 2.0 is available immediately. Annual subscriptions start at $495, which includes unlimited scans for three IP addresses and 24x7 support.
- Qualys Named as Finalist for the Red Herring 100 Global 2007 Awards
- Free Qualys Security Scan Available for the New SANS Top 20
- Qualys CSO Interchange: 67% of security executives do not have robust controls in place to prevent data leakage
- Qualys Releases QualysGuard PCI 2.0