BrandWikiReturn

Qualys

Qualys, Inc. is an American technology firm based in Foster City, California, specializing in cloud security, compliance and related services.

Qualys has over 10,300 customers in more than 130 countries. The company has strategic partnerships with major managed services providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro.[4]

History

Qualys has been described as "one of the earliest software-as-a-service security vendors."[5]

Philippe Courtot first invested in the company in 1999.[6] He became CEO and board chair in 2001.[7] Courtot described Qualys as addressing a "mounting need for automatic detection of network vulnerabilities" when he announced the second round of financing.[8][9]

The company launched QualysGuard in 2000, making Qualys one of the first entrants in the vulnerability management market.[10] This software could automatically scan corporate local area networks (LANs) for vulnerabilities and search for an available patch. The company subsequently added compliance, malware detection, and web application scanning to its platform.[11][12][13]

Qualys went public on the Nasdaq under the stock ticker QLYS on September 28, 2012, raising net proceeds of $87.5 million.[14][15] The stock doubled from 2019–2024.[16]

In 2015, Qualys launched its cloud platform and lightweight cloud agent, aimed at providing continuous monitoring of an organization's IT infrastructure and applications.[17] The cloud platform introduced several new features designed to help organizations address cybersecurity and compliance issues.[18][19]

Another security service that Qualys offers is its Network Passive Sensor service, an advanced technology layer that monitors network traffic and detects what is on the network that needs to be secured.[20] The Network Passive Sensor immediately sends asset metadata to the Qualys Cloud Platform, where it is analyzed for comprehensive security insights.[21]

In 2021, Courtot resigned from his role as Qualys' CEO for health reasons after leading the company for two decades.[22] Sumedh Thakar became president and CEO following Courtot.[23][24]

In August 2021, Qualys partnered with Red Hat to bring Qualys' Cloud Agent to Red Hat Enterprise Linux (RHEL) CoreOS and Red Hat OpenShift. The CoreOS Cloud Agent for OpenShift works with Qualys' Container Security Runtime, delivering continuous packages and vulnerabilities for the entire OpenShift stack.[25]

The Qualys Threat Research Unit (TRU) won two Pwnie Awards in 2021, in the "Best Privilege Escalation Bug" and "Most Under-Hyped Research" categories.[26][27][28] The TRU also won two Pwnie Awards in 2025, in the "Epic Achievement" and "Best Remote Code Execution (RCE)" categories.[29]

In November 2023, Qualys released its Enterprise TruRisk Management (ETM) software, which aggregates cyber risk signals to provide a risk-scoring framework for companies to measure and reduce IT risk.[30] Thakar said that Qualys is expanding ETM to integrate risk data from different security tools, including other security vendors. This will give customers a single view of risk, so they can focus on reducing risk in the areas that are impacting the most important parts of their business. In 2024, he announced that Qualys would offer a free 30-day access to ETM to assist organisations in adhering to the UK National Cyber Security Centre's (NCSC) guidelines that recommend a 5–7 day window for patching vulnerabilities. Qualys introduced its real-time Risk Operations Center (ROC) with ETM at its annual conference in San Diego in October 2024.[31]

In May 2024, Qualys launched a managed security services partner (MSSP) portal as part of its global partner program. The portal was designed to enhance operational efficiencies for Qualys' partners and offer visibility into client accounts, licenses, and user roles.[32]

In March 2026, Qualys debuted Agent Val, the first agentic AI tool for exploit validation and autonomous remediation.[33][34]

External links

References

  1. Meghavi Singh. Qualys Board Names Sumedh Thakar as CEO Yahoo Finance, Yahoo, retrieved 30 April 2021^
  2. Qualys expands AI-driven risk management platform SC Media, 2025-10-20, retrieved 2025-12-17^
  3. Qualys, Inc. Investor Relations, 2020-02-12, retrieved 2026-03-05^
  4. Jonny Evans. Qualys now supports macOS in its cloud security tools Computerworld, 2023-02-07, retrieved 2024-11-01^
  5. David Rosenbaum. Cloud control: you want your cloud provider to share security risk. Your provider wants to limit its liability. The result is a negotiation. Here's what CFOs should know to gain the upper hand CFO, September 2011^
  6. Matt Villano. Cloud Cover TIME, 2009-10-12, retrieved 2024-11-01^
  7. Curt Schleier. What's The Next Big Thing In Tech? Just Ask Qualys' CEO Investor's Business Daily, 2020-08-27, retrieved 2024-11-01^
  8. Qualys, Inc. Secures $20M in Second Round Financing PR Newswire, April 10, 2001^
  9. Using your browser for security Network World, IDG Communications, Inc., April 28, 2003^
  10. Cloud Security Vendor Qualys Ready for IPO Sramana Mitra, 2012-06-12, retrieved 2020-03-23^
  11. Marin Courtney. Tool scours networks for threats Network Week, 30 September 2002^
  12. David M. Ewalt. Free Network Check Information Week, 26 May 2003^
  13. Matt Hines. Core, Qualys to enter Web apps scanning market InfoWorld, October 16, 2007, retrieved 10 January 2010^
  14. Meghan Kelly. Cloud security company Qualys up 18 percent on IPO after the markets close VentureBeat, September 28, 2012, retrieved 1 May 2014^
  15. Ingrid Lunden. Cloud Security Firm Qualys' IPO Opens At $12/Share, Raising $71.8M TechCrunch, 28 September 2012, retrieved 1 May 2014^
  16. Nicholas Rossolillo. 1 Little-Known Cybersecurity Stock Investors Should Be Watching for 2024 The Motley Fool, 2024-03-10, retrieved 2026-04-16^
  17. Eduard Kovacs. Qualys Web Application Firewall 2.0 Brings Virtual Patching, Event Response SecurityWeek, 2015-04-21, retrieved 2024-11-01^
  18. Eduard Kovacs. Qualys Web Application Firewall 2.0 Brings Virtual Patching, Event Response Security Week, 21 April 2015, retrieved 18 December 2016^
  19. Ian Barker. Cloud Agent Brings Enterprises Greater Security and Asset Control BetaNews, 2015-04-21, retrieved 18 December 2016^
  20. Adrian Bridgwater. Qualys Security Conference 2022: Corralling horses in an expanding edge rodeo TechRepublic, 2022-11-10, retrieved 2024-11-01^
  21. Adrian Bridgwater. Qualys Security Conference 2022: Corralling horses in an expanding edge rodeo TechRepublic, 2022-11-10, retrieved 2024-09-05^
  22. Joe Panettieri. Qualys CEO and MSSP Partner Advocate Philippe Courtot Resigns - MSSP Alert, 2021-03-22, retrieved 2026-02-05^
  23. Michael Novinson. Longtime Qualys CEO Philippe Courtot Exits For Health Reasons CRN, 2021-03-22, retrieved 2024-11-01^
  24. Tom Field. New Qualys CEO Tackles Cybersecurity Asset Management www.bankinfosecurity.com, 15 May 2021, retrieved 2026-02-05^
  25. Martijn van Best, Coen van Eenbergen, Floris Hulshoff Pol, Berry Zwets. Qualys brings Cloud Agent to RHEL CoreOS and Red Hat OpenShift Techzine Global, 2021-08-04, retrieved 2024-09-05^
  26. Pwnie Award Winners 2021 – Pwnies pwnies.com, retrieved 2022-04-29^
  27. Heap-based buffer overflow in Sudo! – Pwnies pwnies.com, retrieved 2022-04-29^
  28. 21 Nails – Pwnies pwnies.com, retrieved 2022-04-29^
  29. Habib Ur Rehman. Qualys (QLYS) Wins Two Pwnie Awards at DEF CON for Groundbreaking OpenSSH Vulnerability Research Yahoo Finance, 2025-08-17, retrieved 2025-12-17^
  30. Adrian Bridgwater. Qualys Expands IT Control Posture To 'De-Risk' Business Forbes, 2023-11-08, retrieved 2024-08-08^
  31. Berry Zwets, Erik van Klinken, Sander Almekinders. Qualys QSC: Sealing the lid on container security Techzine Global, 2024-10-09, retrieved 2026-04-16^
  32. Andrew Starc. Qualys launches MSSP portal for partners CRN Australia, 2024-05-06, retrieved 2024-09-05^
  33. Qualys adds Agent Val exploit validation to Enterprise TruRisk Management Cyber Risk Leaders, 2026-03-25, retrieved 2026-04-16^
  34. Joseph Gabriel Lagonsin. Qualys launches Agent Val for live exploit validation SecurityBrief Australia, 2026-03-24, retrieved 2026-04-16^