Continuous security in the web application space
What we’re seeing in the market right now is increased consolidation among vendors. They’re buying each other, more products covering another vendor’s territory are being introduced, and this is all creating confusion for anyone trying to put together a security program.
In this podcast recorded at Black Hat USA 2016, Jason Kent, VP of Product Management, Web Application Security, Qualys, talks about what continuous security means, how you can use it to identify all of the problems, and understand how to fix them.
Qualys Web Application Scanning
Qualys Web Application Scanning (WAS) is a cloud service that provides automated crawling and testing of custom web applications to identify vulnerabilities including XSS and SQL injection. The automated service enables regular testing that produces consistent results, reduces false positives, and easily scales to secure a large number of websites. Proactively scans websites for malware infections, sending alerts to website owners to help prevent black listing and brand reputation damage.
Qualys Web Application Firewall
Qualys Web Application Firewall (WAF) is a next-generation cloud service that brings a combination of scalability and simplicity to web app security. Built on the world’s leading Cloud security and compliance platform, Qualys WAF complements the global scalability of Qualys WAS. Together, they make identifying and mitigating web app risks seamless, whether you have a dozen apps or thousands. Qualys WAF can be deployed in minutes, supports SSL, and doesn’t require special expertise to use.
Qualys WAS App for Splunk Enterprise
The Qualys WAS App for Splunk Enterprise provides a dashboard containing summary charts that include information about affected web applications and most prevalent vulnerabilities. The dashboard also includes preconfigured searches and reports. This App is dependent on TA-QualysCloudPlatform. The TA-QualysCloudPlatform pulls and indexes the data, and this App makes use of it to produce dashboards and reports.