SAN FRANCISCO, Feb. 25, 2013 (GLOBE NEWSWIRE) -- RSA Conference USA 2013 Booth #1431 -- Qualys, Inc. (Nasdaq:QLYS), a pioneer and leading provider of cloud security and compliance management solutions, today announced that it has expanded its popular FreeScan service to support scanning internal and external systems and web applications and also added new security and compliance audits for Patch Tuesday vulnerabilities, OWASP (Open Web Application Security Project) threats and SCAP (Security Content Automation Protocol)Configuration. These free tools can be accessed immediately at qualys.com/secure, and Qualys® will showcase them during the RSA Conference at booth #1431. Delivered via the QualysGuard Cloud Platform, FreeScan is used by organizations all over the world to quickly test online whether their computers, networks, web sites and web applications are at risk from the latest threats. Qualys has expanded the service's vulnerability scanning and configuration auditing to help organizations efficiently respond to software patches, test their own web applications and web sites, and check if they are in compliance with emerging security standards. "Security teams are overwhelmed by a barrage of advisories about vulnerabilities in critical software, such as Java, Flash and PDF Readers, and escalating attacks on web-based applications," said Ira Winkler, president of the Internet Security Advisors Group. "With FreeScan, organizations can now have an immediate and accurate view of their security and compliance postures without having to deploy complex and costly traditional enterprise software security solutions." Qualys FreeScan now integrates a variety of security and compliance scans into a single, uniform console:
- Patch Tuesday PC Audit. This scans PCs to find missing updates and patches from business software, such as Microsoft Windows, Oracle Java and Adobe Flash and Reader. It identifies which patches are required to address vulnerabilities that are found and provides links for downloading the necessary updates. After fixes have been installed, this scan can be run again to verify that computers are up-to-date.
- OWASP Web Application Audit. This tests web applications, either inside a company's network or on the Internet, to see if they comply with the latest OWASP industry-standard guidelines for defending against online attacks, such as SQL injection and cross-site scripting (XSS). It organizes any issues that are found according to the corresponding OWASP categories and helps application developers fix application weaknesses.
- SCAP Compliance Audit. This tests computers within a company's network to see if they comply with leading security configuration benchmarks, such as the U.S. Government Configuration Baseline (USGCB), which is required by many U.S. federal agencies and organizations that do business with the government.
- Web Site Scan for Vulnerabilities and Malware. This performs a comprehensive check of a company's web site for server and application vulnerabilities, hidden malware and SSL security configuration errors.