Qualys is a provider of cloud security, compliance and related services for small and medium-sized businesses and large corporations based in Redwood Shores, California. Qualys Inc. was founded in 1999 and was the first company to deliver vulnerability management solutions as applications through the web using a “software as a service” (SaaS) model, and as of 2013 Gartner Group for the fifth time gave Qualys a “Strong Positive” rating for these services. It has added cloud-based compliance and web application security offerings.
Qualys online free scanner provides up to 10 free scans of URLs or IPs of Internet facing or local servers or even machines. You initially access it via web portal and then download their virtual machine software if running scans on your internal network.
Qualys free scanner supports a few different scan types; vulnerability checks for hidden malware, SSL issues, and other network-related vulnerabilities. OWASP is for auditing vulnerabilities of web applications. Patch Tuesday scans for and helps install missing software patches. SCAP checks computer settings compliance against the SCAP (Security Content Automation Protocol) benchmark provided by National Institute of Standards and Technology (NIST).
Though you first see just an online tool that appears to just do scanning via the Internet, if you enter a local IP or scan, it will prompt you to download a virtual scanner via a VMware or VirtualBox image. This allows you to do scanning of your local network. Once a scan is complete you can view interactive reports by threat or by patch.
Since Qualys free scanner only provides 10 free scans, it’s not something you can use regularly. Consider using another solution for day-to-day use and periodically run Qualys free scanner for a double-check.
Check Qualys free scanning service you can by clicking on this link.
How Qualys works: