Is BEAST still a threat?
Yesterday I changed the SSL Labs rating criteria to stop penalizing sites that do not implement server-side mitigations for the BEAST attack. That means that we now consider …
Defending against the BREACH attack
When Juliano and Thai disclosed the CRIME attack last year, it was clear that the same attack technique could be applied to any other compressed data, and compressed response …
Qualys announces WAF Beta for Amazon EC2
Qualys will release the beta of its new cloud WAF solution as an Amazon Machine Image (AMI) and as a VMware virtual image for on-premise deployments starting August 1. …
Don’t get pwned at Black Hat, DEF CON
I am not a paranoid person and most industry conferences I go to don’t generate any worries about security. You go and participate, but otherwise operate normally, …
SSL Labs: Deploying forward secrecy
With revelations about mass surveillance in the news everywhere, an obscure feature of SSL/TLS called forward secrecy has suddenly become very interesting. So what is it, and …
QualysGuard Private Cloud Platform on VCE Vblock Systems
Qualys announced that the QualysGuard Private Cloud Platform has been integrated with VCE Vblock Systems, helping them secure their networks from cyber attacks and automate …
QualysGuard Express Lite released
Qualys announced QualysGuard Express Lite, a small business version of the company’s suite of integrated security and compliance solutions. The new cloud offering …
Automating vendor risk management and certification processes
Qualys announced customizable questionnaires in its QualysGuard Cloud Platform and suite of integrated solutions for security and compliance. Businesses can use the new …
Microsoft fixes 33 vulnerabilities
Today for Patch Tuesday, Microsoft and Adobe are both coming out with critical fixes for a number of widely installed and attacked programs. Microsoft has 10 bulletins …
Microsoft to release 10 bulletins
It is the week before Patch Tuesday May and Microsoft has published its Advance Notification, giving us insight into what to expect next Tuesday. There will be 10 bulletins …
Analysis of 5 million scans on 53 million hosts
Qualys has analyzed QualysGuard Policy Compliance (PC) data from more than five million scans performed by organizations worldwide to help enterprises understand key trends as …
Qualys and FireMon enable real-time network risk visibility
Qualys and FireMon announced the integration of QualysGuard Vulnerability Management (VM) and FireMon Security Manager with Risk Analyzer in FireMon’s upcoming 7.0 …
Featured news
Resources
Don't miss
- Social data puts user passwords at risk in unexpected ways
- New observational auditing framework takes aim at machine learning privacy leaks
- Why password management defines PCI DSS success
- Hottest cybersecurity open-source tools of the month: November 2025
- Gainsight breach: Salesforce details attack window, issues investigation guidance