STOCK TITAN

Media Alert: Qualys Offers Free Access to Its Web Application Scanning App to Help Organizations Quickly Find Log4Shell Vulnerabilities

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Very Negative)
Tags
Rhea-AI Summary

Qualys, Inc. (NASDAQ: QLYS) announced free access to its Web Application Scanning (WAS) solution for 30 days to combat the Log4Shell vulnerability, a critical zero-day threat. With this initiative, Qualys aims to assist organizations in detecting and mitigating risks associated with the CVE-2021-44228 flaw that affects web applications globally. The WAS tool simulates attack patterns to accurately identify vulnerable sites, helping organizations secure their systems against potential exploits. CEO Sumedh Thakar emphasized the urgency of addressing this vulnerability, calling it one of the most alarming threats in a decade.

Positive
  • Free access to WAS for 30 days enhances customer engagement and awareness.
  • WAS accurately detects Log4Shell vulnerabilities using advanced detection mechanisms.
  • Supports global organizations in mitigating significant security risks.
Negative
  • None.

FOSTER CITY, Calif., Dec. 17, 2021 /PRNewswire/ -- Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced it is making its Web Application Scanning (WAS) solution available free for 30 days, to help companies protect against Log4Shell.

The Apache Log4Shell zero-day RCE vulnerability has raised alarms at companies around the globe, with U. S. government officials calling it "one of the most serious flaws they've seen." The vulnerability poses potential threats for almost every single web application, with the list of known exploits growing daily. 

Web Application Scanning capabilities are essential to detect these vulnerabilities as they simulate the attack of Log4Shell exploits. To help customers protect themselves from this threat, Qualys is making its WAS app, which scans web applications and APIs for the Log4Shell (CVE-2021-44228) vulnerability, available free for 30 days. 

Qualys WAS makes accurate detections of applications vulnerable to Log4Shell through its advanced out-of-band detection mechanisms. To identify vulnerable sites, WAS uses specially crafted payloads to simulate the same attack pattern malicious actors use.  Vulnerable sites are quickly and easily identified for remediation, shutting the door on attackers before they ever know you are exposed. 

"Log4Shell is the most alarming vulnerability we've seen in the last decade and helping the community battle this unprecedented threat is at the forefront of our focus," said Sumedh Thakar president and CEO of Qualys. "Many organizations are scrambling to find ways to detect their exposure to Log4Shell. We hope the free access to our app along with the open-source scripts we released will help security teams rapidly assess and secure their external web attack surface." 

To sign up for the free, 30-day WAS service, visit qualys.com/was-log4j-trial. For more information on using WAS to detect Log4Shell, read our blog, Is Your Web Application Exploitable by the Log4 Shell Vulnerability?   

Additional Resources 

About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions with over 19,000 active customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes, and substantial cost savings. 

The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance, and protection for IT systems and web applications across on premises, endpoints, cloud, containers, and mobile environments. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading cloud providers like Amazon Web Services, Microsoft Azure and the Google Cloud Platform, and managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, DXC Technology, Fujitsu, HCL Technologies, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com

Qualys and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies. 

Media Contact: 
Jackie Dutton 
Qualys 
media@qualys.com 

Cision View original content:https://www.prnewswire.com/news-releases/media-alert-qualys-offers-free-access-to-its-web-application-scanning-app-to-help-organizations-quickly-find-log4shell-vulnerabilities-301447303.html

SOURCE Qualys, Inc.

FAQ

What is Qualys offering to help with the Log4Shell vulnerability?

Qualys is providing free access to its Web Application Scanning (WAS) solution for 30 days to help identify and mitigate Log4Shell vulnerabilities.

How does Qualys' WAS solution work?

WAS simulates attack patterns used by malicious actors to detect vulnerabilities in web applications related to Log4Shell.

What is the significance of the Log4Shell vulnerability?

Log4Shell is considered one of the most severe vulnerabilities seen in a decade, posing significant risks to web applications worldwide.

What company is behind the WAS solution for Log4Shell?

The WAS solution is developed by Qualys, Inc. (NASDAQ: QLYS), a provider of cloud-based IT security and compliance solutions.

What is the duration of the free access to Qualys' WAS?

Qualys is offering the WAS solution for free for a period of 30 days.

Qualys, Inc.

NASDAQ:QLYS

QLYS Rankings

QLYS Latest News

QLYS Stock Data

5.21B
36.30M
0.81%
101.33%
8.7%
Software - Infrastructure
Services-prepackaged Software
Link
United States of America
FOSTER CITY