Qualys SECURE Seal Enables Visitors to Verify that Web Sites are Maintaining a Comprehensive and Proactive Security Program
San Francisco, Calif. – March 1, 2010 - Qualys®, Inc the leading provider of on demand IT security risk and compliance management solutions, today at RSA Conference USA 2010 (Booth# 1432) introduced Qualys GO SECURE – a new service that allows businesses of all sizes to test their web sites for the presence of malware, network and web application vulnerabilities, as well as SSL certificate validation. Once a web site passes the four comprehensive security tests, the Qualys GO SECURE service generates a Qualys SECURE seal for the merchant to display on their web site demonstrating to online customers that their company is maintaining a rigorous and proactive security program.
As more and more business is transacted over the Internet, it is important for consumers to know that the web sites they visit are taking online security seriously. By using the Qualys SECURE seal, businesses can demonstrate that their web sites are following rigorous security testing procedures on a regular basis. If malware or a vulnerability that could lead to infection of online visitors or compromise of the web site is identified by the GO SECURE service, the merchant is immediately notified and the seal is subsequently removed. After the merchant removes the malware or remediates the vulnerability either by fixing or mitigating it, then the Qualys SECURE seal is re-instated automatically.
“Cybercriminals are increasingly exploiting flaws within web sites to install drive-by malware and steal customer data. To maintain confidence in e-commerce, businesses must improve security of their web sites,” said Charles Kolodgy, research director for security products at IDC. “Qualys, the leading on demand vulnerability management vendor, is bringing its expertise to enterprises to help them combat web borne malware and identifying and removing vulnerabilities."
The Qualys GO SECURE service validates that a web site has gone through a comprehensive security test by scanning for:
- Perimeter vulnerabilities identifying externally facing vulnerabilities of the web server that could give attackers access to information stored on the host
- Web application vulnerabilities by crawling and injecting http requests to the web application to identify vulnerabilities such as SQL injection and cross-site scripting (XSS)
- Malware detection to identify malicious software that could be hosted by the web site and infect visitors
SparkPR for Qualys