Browse archive

Latest news

Experts highlight top data breach vulnerabilities

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

A closer look at Mega cloud storage

CISOs need to engage with the board

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

0-day risk analysis service by Qualys

Posted on 27 February 2012.

Qualys launched Zero-Day Risk Analyzer, a new service to help companies protect their IT systems against zero-day attacks which is delivered as part of the QualysGuard Cloud Platform and it includes Verisign’s iDefense zero-day vulnerabilities and global threats.

The service allows customers to analyze zero-day threats and estimate their impact on their assets and critical systems based on information collected from previous scan results.

It provides the following capabilities:

Latest Information and signatures for iDefense exclusive zero-day threats
Customizable alerting and email notifications on new zero-days and critical threats that could impact corporate assets
Actionable data with estimates about what systems are at risk using existing asset information from previous scans
Risk modeling to help determine the benefit of mitigating actions on exposed systems.

A zero-day attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others or the software developer. Zero-day exploits (actual software that uses a security hole to carry out an attack) are used or shared by attackers before the developer of the target software knows about the vulnerability. Malware writers are able to exploit zero-day vulnerabilities through several different attack vectors to compromise systems or steal confidential data such as banking passwords and personal identity information.

“Zero-day attacks are becoming more prevalent and such attacks can happen to any of us,” said Philippe Courtot, chairman and CEO of Qualys. “With this new service, we provide customers a proactive solution to estimate the impact of such critical threats on their assets and decide what mitigating controls to put in place until real patches are available.”

QualysGuard Zero-Day Risk Analyzer is available immediately in the US and Europe and it is sold as an annual subscription with QualysGuard vulnerability management subscriptions. It is priced annually at $12,000 for large enterprises and $6,000 for small- and medium-sized businesses.