Qualys Update on Accellion FTA Security Incident
Qualys, Inc. (NASDAQ: QLYS) has updated stakeholders regarding a security incident involving a zero-day exploit in the Accellion FTA file transfer solution. The company confirmed that there was no impact on its production environments, codebase, or customer data. All services remain fully functional, with the Accellion FTA server deployed in a segregated DMZ environment, ensuring no connectivity to the Qualys Cloud Platform. Qualys is committed to enhanced security measures and is working with FireEye Mandiant to investigate further.
- No impact on production environments or customer data.
- Qualys maintains full operational functionality across its platforms.
- Security incident management is being handled with FireEye Mandiant.
- None.
FOSTER CITY, Calif., March 3, 2021 /PRNewswire/ -- Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based IT, security, and compliance solutions, today issued an update on the security incident regarding the Accellion FTA file transfer solution.
Qualys received new information about a previously identified zero-day exploit in a third-party solution, Accellion FTA that Qualys deployed to transfer files as part of our customer support system.
Qualys confirms today there is no impact on the Qualys production environments, codebase or customer data hosted on the Qualys Cloud Platform. All Qualys platforms continue to be fully functional and at no time was there any operational impact.
Qualys had deployed the Accellion FTA server in a segregated DMZ environment, completely separate from systems that host and support Qualys products to transfer information as part of our customer support system. Qualys chose the Accellion FTA solution for encrypted temporary transfer of manually uploaded files. There was no connectivity between the Accellion FTA server and our production customer data environment (the Qualys Cloud Platform). The Accellion FTA product is a third-party system fully managed by Accellion.
As with any security incident, the investigation is ongoing, and we continue to look for ways to enhance security and provide the strongest protections for our customers. We have engaged FireEye Mandiant, who also worked with Accellion on the wider investigation. Qualys is strongly committed to the security of its customers and their data, and we will notify them should material information become available. For additional information, please see our blog.
About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security and compliance solutions with over 19,000 active customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes, and substantial cost savings. For more information, please visit www.qualys.com.
Qualys and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
Media Contact:
Tami Casey
Qualys
(650) 801-6196
tcasey@qualys.com
View original content:http://www.prnewswire.com/news-releases/qualys-update-on-accellion-fta-security-incident-301240128.html
SOURCE Qualys, Inc.
FAQ
What is the latest update from Qualys regarding the Accellion FTA security incident?
How has Qualys responded to the security incident involving Accellion FTA?
Did the Accellion FTA security incident affect Qualys systems?