HispanicBusiness

REDWOOD CITY, CA -- (Marketwire) -- 02/13/13 -- Qualys Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud security and compliance management solutions, today announced its partnership with iViZ, the industry's premier cloud-based penetration testing service for web applications, to help companies ensure and validate the security of their web applications and web sites. The partnership combines the highly automated testing of QualysGuard Web Application Scanning (WAS) with iViZ Penetration Testing Technology, coupled with comprehensive manual testing to provide organizations with high quality, cost-effective, scalable solutions to effectively protect web sites and web applications against possible attacks. The iViZ service will provide a Zero False Positive Guarantee and Business Logic Testing covering 100% of the Web Application Security Consortium (WASC) classes.

The solution is aimed at solving the problem of the significant shortage of trained security professionals that organizations need to hire and retain to secure their web applications. Automated scanning with false positive removal and Business Logic Testing will help organizations solve the problem of scaling security testing without hiring additional people.

Organizations are increasingly using web applications to work and conduct business online and often store critical business and customer data in their web applications. However, these applications are often built using multiple technologies without security in mind, leaving them vulnerable to attack. As a result, organizations need a comprehensive web application strategy to protect against possible attacks.

"As web applications have become a focus for attackers, web application security has become a priority for enterprises," said Charles Kolodgy, research vice president for IDC's security products. "But scanning and remediating web application vulnerabilities is challenging because of their complexity and the sheer number of custom web applications. Automated web application scanning combined with manual testing can help organizations identify and validate exploitable vulnerabilities. With this knowledge organizations can pinpoint exactly what needs to be remediated."

With the new partnership, iViZ will use QualysGuard WAS to perform automated web application scans, accurately cataloging and discovering web application vulnerabilities for their clients. Then iViZ will use its Penetration Testing technologies, combined with manual validation of the findings, and perform business logic testing to deliver comprehensive web application testing, helping customers remediate any issues. Comprehensive reports will be delivered to customers through the iViZ secure web portal, including an executive summary of the results and scope of testing with full details.