Qualys Policy Compliance

QualysGuard Policy Compliance automates the collection of technical controls from information assets within the enterprise; and provides compliance reporting by leveraging a comprehensive knowledgebase that is mapped to prevalent security regulations, industry standards and compliance frameworks.

Image Not Found

Benefits of QualysGuard Policy Compliance :

Integrated agent-less solution enables scalable management of vulnerability and configuration scanning from a single interface with least impact to IT resources
Dissolvable agent solution enables deeper configuration analysis without the maintenance of permanent agents.
Rapid global deployment with the QualysGuard Software-as-a-Service (SaaS) delivery model requiring no software installation or maintenance
Centralized approach for policy definition and control management consolidates many IT compliance and security processes into a single solution
Customizable auditing capabilities for multiple regulatory mandates and policies
Comprehensive instructions and audit trails to review and prove compliance with auditors through a workflow to request, review and approve exceptions

QualysGuard Policy Compliance Features :

Automated compliance scanning using the same QualysGuard infrastructure used for vulnerability scanning
Continuously maintained knowledgebase is based on CIS and NIST standards and maps to many frameworks & regulations including CIS, COBIT 4.0 and 4.1, ISO 17799 and 27001, NIST SP800-53, ITIL v2, HIPAA, FFIEC, NERC-CIP .
Improved Policy Editor to construct policies from controls and map them to internal standards and external regulations
New compliance report templates to show compliance by policy, by control, and by host
Exception management workflow for creating, evaluating, and approving risk acceptance of policy violations
Collaboration capabilities to review policies and approve exceptions with internal and external auditors