Qualys, Inc. announced its new GovCloud platform along with
the achievement of FedRAMP Ready status at the High impact level, from
the Federal Risk and Authorization Management Program (FedRAMP).
Qualys GovCloud, including its integrated capabilities, is 'ready' to
meet the stringent cybersecurity assurance requirements of FedRAMP at
the High impact level. High certification is the most stringent with 421
security and risk management controls.
Qualys GovCloud is a comprehensive offering including - asset
inventory with external attack surface visibility, vulnerability risk
and remediation management and compliance management - that federal
agencies can use as the foundation for their cybersecurity programs. Its
integrated platform includes all the critical security and compliance
solutions needed to address Executive Orders and aligns with NIST 800-53
v5 standards eliminating the need to stitch together siloed solutions.
"As a trusted provider to the Federal Government, Blackwood
Associates is thrilled to partner with Qualys and offer its innovative
GovCloud platform to our federal clients," said Christopher Ebley,
CTO, Blackwood Associates. "GovCloud represents a major step forward in
how federal agencies approach security. Given the rapid evolution of
requirements around contextual risk and vulnerability management,
Qualys' dedication to bringing its technology to highly sensitive
environments is a force multiplier for our customers. The GovCloud
platform enables the move away from siloed solutions and towards a
comprehensive, integrated solution that streamlines efforts, saves
costs, enhances security, and provides compliance context and risk
prioritization."
The highly scalable GovCloud platform supports
federal and commercial organizations cost-effectively, delivering
integrated capabilities, 24x7 support and training while maintaining the
highest level of protection. Qualys GovCloud includes:
Cybersecurity Asset Management with External Attack Surface Management - to
identify, discover inventory and classify all known and unknown assets
with security context. The solution also syncs with your CMDB, helping
address CISA BOD 23-01 and comprehensively report against the NIST 800-53 v5 requirement of CM-8.
Vulnerability Management Detection and Response (VMDR)
- assess, prioritize, and remediate vulnerabilities based on TruRisk to
meet Executive order 14028, OMB M-21-31 as well as monitor posture
against NIST requirement of RA-5.
Configuration and Policy Compliance - GovCloud's
Regulatory Compliance Management with Policy Compliance capability
allows government agencies to assess configuration posture against DISA
while auditing and reporting their compliance with a wide range of
standards, including NIST 800-53/FedRAMP, NIST 800-171, NIST CSF, CMMC,
CERT Resiliency, etc.
File Integrity Monitoring - detects and alerts on unauthorized changes to software firmware and information to align with the NIST SI-7 requirement.
Container Security -
continuously discover, track, and secure containers from build to
runtime, aligning with the key federal DevOps initiative while
addressing the additional FedRAMP requirement of NIST RA-5 regarding
assessing containers for vulnerability risk.
"We are delighted
that our newest offering for the federal market, GovCloud has received
FedRAMP High Ready status, the highest level of security standard
offered by the federal program," said Sumedh Thakar,
president and CEO of Qualys. "As the only vulnerability management
platform currently with FedRAMP Ready status at the High impact level,
we are dedicated to providing federal agencies with a modern alternative
to legacy scanners to improve their security posture as they embrace
digital transformation."