Free Qualys Vulnerability Scan Available for New SANS Top 20 Quarterly Update

Redwood Shores, CA July 27, 2005 Qualys, Inc., the leading provider of on demand vulnerability management and policy compliance solutions, today announced the availability of a free network scanning service to help companies find and eliminate vulnerabilities listed in the SANS Top 20 second quarterly update.

The SANS Top 20 is designed by the SANS Institute and security experts from industry and government to provide organizations with a prioritized list of newly discovered exposures to their networks. Qualys’ free scan for the SANS Top 20 is available at During the second quarter of 2005, more than 422 new security vulnerabilities were identified as targets for attack, an increase of 10.8% from the first quarter of 2005 Included in this list are new exposures in popular back-up products from Symantec/Veritas and Computer Associates, as well as vulnerabilities in iTunes, RealPlayer, Microsoft’s Internet Explorer web browser. The full SANS report can be found at “An increase of nearly 11% in the number of new vulnerabilities discovered since the last quarter emphasizes the need for regularly quarterly updates. With up-to-date information, security professionals can immediately address new vulnerabilities, such as the ones recently discovered in popular desktop applications,” said Gerhard Eschelbeck, CTO and VP of Engineering at Qualys. Eschelbeck, along with other experts in the community, provided contributions to the development of the SANS Top 20 list. Qualys’ on demand model provides customers with immediate vulnerability updates, such as the Top 20 listing, without the need for installing software or building out additional infrastructure. In addition to the free scan, the QualysGuard® service detects new exposures in the SANS Top 20. About Qualys

With more than 1,700 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to effectively strengthen the security of their networks, conduct automated security audits, and ensure compliance with internal policies and external regulations. Qualys’ on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organizations. Hundreds of large companies have deployed Qualys on a global scale, including DuPont, Hershey Foods, Hewlett- Packard, Standard Chartered Bank and many others. Qualys is headquartered in Redwood Shores, Calif., with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit

Don't miss