Qualys is re-defining attack surface management with CyberSecurity Asset Management (CSAM) 3.0, expanding the most comprehensive attack surface coverage on the market to include patent-pending EASM discovery and scan, passive sensing for unmanaged/untrusted devices built in to the Qualys agent, and new third-party API-based connectors to provide continuous...

Dealing with multiple network administrators making frequent configuration changes with a monitoring solution that provides insights into device change without causing resource constraints. The performance and capabilities of a network device are entirely dependent upon its configuration settings. Understanding the significant impact that a configuration...

In the words of Sun Tzu, ‘In the midst of chaos, there is also opportunity.’ This aptly captures the essence of today’s cybersecurity landscape. Managed Security Service Providers (MSSPs) stand at the forefront, turning chaos into opportunity by securing digital assets across the entire infrastructure against increasingly complex threats. Qualys, as...

As we delve into cybersecurity’s complex and evolving landscape, the Verizon 2024 Data Breach Investigations Report (DBIR) offers crucial insights into the mechanisms and motives behind the latest wave of cyberattacks. Qualys is once again proud to contribute to the report, helping to dissect these patterns and equip all with the knowledge to fortify...

Vulnerability Scope & Details CrushFTP disclosed a zero-day vulnerability in their software on April 19, 2024. The vulnerability is published on CVE-2024-4040. Affected versions: 9.x versions  before 10.7.1  11.1.0 The CVSS score is 9.8.  The vulnerability allows remote attackers to bypass the...

Cisco recently uncovered a sophisticated cyber espionage campaign, ArcaneDoor, targeting perimeter network devices used by government and critical infrastructure sectors. This campaign involves state-sponsored actors exploiting two zero-day vulnerabilities (CVE-2024-20353 and CVE-2024-20359) aimed primarily at espionage through intricate malware known...