`Case 4:18-cv-07229—YGR Document 194-3 Filed 05/04/21 Page 1 of 29
`
`
`
`
`
`
`
`
`
`
`
`
`
`EXHIBIT 14
`
`EXHIBIT 14
`
`
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 2 of 29
`
`White Paper
`
`Qualys Cloud Platform:
`YOUR END-TO-END SECURITY SOLUTION
`FOR A PERIMETER-LESS WORLD -
`
`L VM •:.
`
`A
`
`MD
`
`r
`' i
`
`\ r
`
`%
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275578
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 3 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`INTRODUCTION
`
`The widespread adoption of cloud
`computing services and mobile
`devices by organizations has
`drastically changed enterprise
`information security.
`Organizations are no longer well
`served by the conventional approach
`of protecting the traditional corporate
`perimeter, whose boundaries
`consisted primarily of desktop PCs
`sitting inside offices and servers
`humming in on-premises data centers.
`Today, organizations live in a
`perimeter-less world. Those clearly
`defined physical boundaries in which
`their IT infrastructure was housed have
`been pushed out, blurred, transformed
`and in some cases even erased.
`Many workloads have been moved
`to the cloud, a trend that’s still
`accelerating. Meanwhile, desktop PCs
`have increasingly been replaced as the
`preferred personal computing device
`within organizations by a variety of
`mobile endpoints - laptops, tablets,
`smartphones and wearables -- which
`often spend more time outside of the
`office than inside.
`As a result, CISOs face a new reality
`in which employees now routinely do
`things like log into their companies,
`SaaS-based CRM systems from laptops
`and smartphones at airport cafés over
`public Wi-Fi networks.
`When CISOs look at the enterprise
`security marketplace for solutions,
`they find legacy vendors scrambling
`to belatedly retrofit their products,
`rarely with optimal results. CISOs
`also come across eager startups
`in precarious financial standing
`peddling narrowly scoped products
`aimed at niche use cases.
`
`A CISO who evaluates what these
`vendors offer will quickly realize
`that these retooled legacy systems
`and new point solutions are
`complex, costly, limited and, worst
`of all, ineffective.
`Qualys saw this shift coming many
`years ago. Guided by its pioneering
`vision, Qualys has been deliberately
`and thoughtfully crafting its integrated
`cloud platform to meet the challenges
`that organizations face today in this
`age of cloud computing and mobility.
`Today, the Qualys Cloud Platform
`is uniquely positioned to provide
`continuous security for organizations
`that find themselves having to
`monitor and protect on-premises,
`cloud-hosted and mobile IT assets.
`It’s the most advanced security
`platform available today for the global
`enterprise with a hybrid infrastructure
`in a perimeter-less world.
`The Qualys Cloud Platform constantly
`collects, assesses and correlates
`asset and vulnerability information
`across customers' cloud instances,
`on-premises systems and mobile
`endpoints, giving them a real-time,
`holistic view of their threat landscape
`and helping them prioritize their
`security and compliance remediation.
`In this paper, we explain in detail
`how Qualys accomplishes this via its
`centrally managed cloud architecture,
`anchored by a robust back-end threat
`analysis engine and powered by
`an integrated suite of security and
`compliance apps.
`
`叮he quality of Qualys
`WAS is maintained
`across many different
`types of applications.
`It proves to be very
`thorough and accurate
`as well as easy to
`configure and use.”
`-Ahmad Mahdi
`
`Microsoft
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275579
`
`2
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 4 of 29
`
`WhitePaper | QUALYS CLOUD PLATFORM
`
`The New Perimeter -
`or Lack Thereof
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275580
`
`3
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 5 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`INTRODUCTION
`
`The new information security challenges that cloud computing and mobility have
`created for IT departments are well exemplified by this hypothetical but very
`common scenario of a retailers payments app:
`
`The app’s control panel can be
`accessed by an admin sitting a hotel
`lobby from a laptop connected to a
`public Wi-Fi network
`
`The app’s back-end process runs in
`an on-premises data center
`
`The front end runs on a
`public cloud environment
`such as the ones from
`Google, Amazon or Microsoft
`
`The risk to this one application rests in these three different places, so security
`products that protect only the endpoint, or only the cloud instance, or only the
`on-premises server don’t measure up. Attempting to cobble together a more
`comprehensive solution by tying heterogeneous products brings integration
`complexity, higher costs and, very likely, poor performance.
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275581
`
`4
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 6 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`THE NEW BOUNDARIES OF
`YOUR IT LANDSCAPE
`
`Most perimeters were formerly contained to corporate premises, but now
`they extend to public, private and hybrid clouds, mobile devices,
`loT sensors and even to non-computing appliances.
`
`Mobile devices, non-computing
`appliances and loT systems
`Your perimeter reaches out to every one of your laptops
`that is being used right now by an employee sitting in an
`airport terminal and connected to a Wi-Fi network. Of
`course, it’s not just laptops: There are smartphones, tablets,
`smartwatches, fitness trackers and other such devices
`that are your employees* digital travel companions. Often
`lost, stolen and misplaced, they contain valuable and
`confidential corporate data and applications.
`
`Let’s not forget all the potential entryways that exist
`for hackers in organizations, geographically dispersed
`locations, such as small remote offices and retail stores.
`These facilities, which house PCs, point-of-sale systems
`and other vulnerable endpoints, often don’t have the same
`level of physical and cyber security as their organizations,
`larger corporate buildings.
`
`Meanwhile, there are a whole bunch of non-computing
`devices getting attached to your network that weren’t
`in the past. These include copiers, printers, smart
`thermostats and even Wi-Fi enabled coffee makers and
`refrigerators in the office kitchen.
`
`Businesses are also aggressively adopting loT and
`embedding sensors in all sorts of "things" that were
`formerly offline, including company vehicles, HVAC
`systems, healthcare devices, industrial equipment, parking
`lots, store shelves, heavy machinery and jet engines.
`
`These widely diverse and dispersed endpoints will
`be collecting sensitive data about their organizations'
`operations and transmitting it back to their data
`repositories for analysis. Thus, it’s essential for
`organizations to monitor the security and compliance of
`these newly connected devices because they tend to be
`more vulnerable to cyber attacks than typical computing
`devices: If they’re not properly protected, its easier to sniff
`passwords off of those devices, sensors and appliances,
`and it’s simpler to compromise and break into them.
`
`Cloud computing services
`Adoption of cloud computing software, platform and
`infrastructure services - SaaS, PaaS and laaS -- continues
`on the upswing among organizations of all sizes globally.
`As workloads shift from on-premises systems to public,
`private and hybrid clouds, requirements for asset
`discovery, security and compliance change significantly,
`both from security and compliance perspectives.
`For example, you may find that your cloud service
`providers make it difficult or outright impossible for your
`organization to perform vulnerability scanning on your
`cloud instances.
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275582
`
`5
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 7 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`HOW CAN YOU MONITOR
`AND CONTROL THIS
`FAR-REACHING ENVIRONMENT?
`
`To protect your organization in this brave new world, you must have a single view
`across your entire IT infrastructure via a central dashboard, where you can slice
`and dice the data, visualize it with graphs and reports, and analyze and share it
`with multiple stakeholders.
`You could attempt to build a system that can give you this holistic and
`comprehensive view of your IT asset and vulnerability landscape by cobbling
`together a variety of products. But it will be a highly complex and costly endeavor
`that may never yield the desired results.
`Fortunately, you don’t need to buy third-party point products and hire a systems
`integrator to configure and install such a system for you. It already exists: the
`Qualys Cloud Platform.
`
`"\Ne use Qualys as a
`way to paint a picture
`of security and feed it
`to our executives. The
`reports give senior
`executives a concise,
`real-time view into
`eBa/s security risks
`and measure change
`in those risks as we
`implement security
`measures."
`-Chris Lalonde
`Senior Manager
`Information Security
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275583
`
`6
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 8 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`Qualys Cloud Platform:
`
`How can we do what others cant? It's all in our cloud-based architecture, which
`is the opposite of the on-premises, multi-tier architecture upon which legacy
`enterprise security solutions are based.
`
`<<i
`
`卽OD:
`
`LOI
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275584
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 9 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`THE BENEFITS OF SaaS
`
`A Single, Comprehensive View
`
`Central analysis of data from many
`different sensor types is only possible
`in the cloud. Our easy-to-deploy
`appliances and lightweight agents
`automatically beam up to the Qualys
`Cloud Platform the security and
`compliance data the/re constantly
`gathering from
`customers’ IT
`environments.
`
`The Qualys Cloud Platform is
`integrated, easy to set up and
`inexpensive to maintain. You can
`get results right away after logging
`into our browser-based console for
`the first time. Its solutions can be
`deployed and operated without the
`need for professional services help.
`
`Best-of-Breed Applications
`
`Our cloud architecture allows us to
`provide a complete set of integrated,
`best-of-breed applications, correlate
`disparate data from on-premises
`systems, endpoints and cloud
`instances, and easily add new services.
`
`Qualys also gives you more control
`over licensing costs via its flexible,
`subscription-based model, which
`saves you from having to plunk down
`a lot of money upfront for perpetual
`licenses and suffering buyer’s
`remorse when you find you overpaid.
`
`No Hardware or Software
`To Maintain
`
`Legacy architectures are rigid, complex
`and ultimately limited. They typically
`consist of multiple on-premises servers,
`each one operating different functions,
`and requiring in house backups,
`updates and maintenance.
`
`The Qualys Cloud Platform is self-
`updating and always on, so it has
`an immediate positive impact
`on productivity because the IT
`department doesn’t have to manage
`and maintain it: You don’t need to
`procure hardware and install and
`update the software. You don’t need
`to migrate its databases. You don’t
`need to back up the data. You don’t
`need to refresh the signatures file or
`the analysis engines.
`
`Flexibility
`
`Qualys offers subscription packages
`tailored for small, mid-size and large
`organizations.
`
`Customers also get the flexibility to
`purchase Qualys Cloud Platform app
`subscriptions a la carte.
`
`8
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275585
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 10 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`UNPARALLELED ACCURACY
`IMMUNIZES YOUR ORGANIZATION
`AGAINST BREACHES
`
`Qualys vulnerability scans, the most difficult type of scan, consistently exceed
`Six Sigma 99.99966% accuracy, the industry standard for high quality.
`
`Designed to protect organizations against external breaches and internal
`compliance violations, the Qualys Cloud Platform is built around four key pillars
`that amount to a sort of systemic vaccination for your IT environment against active
`vulnerabilities, slashing your risk of getting breached:
`
`«o
`PRIORITIZE
`Automating and
`improving the
`prioritizing of
`threat remediation
`
`RESPOND
`Managing the actual
`process of planning
`remediation,
`generating service
`tickets and applying
`patches to at-risk
`IT assets
`
`0
`
`DISCOVER
`Discovering and
`categorizing assets
`and identifying
`vulnerabilities
`at scale
`
`a
`
`DETECT
`Offering configurable
`and powerful
`reporting and
`searching capabilities
`
`If your most critical vulnerabilities are patched, you greatly increase your
`protection against attacks that get through your firewall, such as viruses that
`arrive via email. With Qualys, you immunize your IT assets against critical threats.
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275586
`
`9
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 11 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`COMPLETE CONTROL AND
`VIEW OF IT ASSETS PAIRED
`WITH CONTINUOUS SECURITY
`
`The Qualys Cloud Platform gives you comprehensive asset discovery, continuous
`processing of the data and a full visibility of your vulnerabilities, all updated in real
`time around the clock.
`
`Unlike legacy products in which scanning needs to be scheduled or manually
`triggered, the Qualys Cloud Platform is on autopilot, collecting information all
`the time, correlating external threat data with your internal IT asset inventory
`and compliance requirements, to pinpoint what needs to be patched or mitigated
`right away.
`
`Our highly scalable cloud platform annually performs 3+ billion scans, logs 100+
`billion detections and collects, processes and analyzes 1 + trillion security data
`points, as it combines continuous discovery of assets and vulnerabilities, real-time
`distributed data collection, indexing and storage, and a robust analytics correlation
`back-end engine.
`
`o Detections, Collects,
`
`^ 3+ Billion
`二Scans
`100+ Billion
`Processes and
`Analyzes
`^ 1+Trillion
`Security Events
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275587
`
`10
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 12 of 29
`
`WhitePaper | QUALYS CLOUD PLATFORM
`
`Qualys Cloud Platform:
`HOW IT OPERATES
`The Qualys Cloud Platform is built upon a robust, modular, scalable and flexible
`infrastructure that leverages virtualization and cloud technologies, and lets us
`allocate capacity on demand.
`Let’s zoom in and see the Qualys Cloud Platform in action.
`
`Integrated Suite of Applications
`
`AV VM CM TP PC SAQ PCI WAS WAF MD
`
`Qualys API
`Analytics and Reporting Engines
`
`Reporting & Dashboards
`
`Remediation & Workflows
`
`Erlang Distributed Correlation
`
`Solr Lucene Indexing
`
`ElasticSearch Clusters
`
`Oracle & BFFS Storage
`
`曰
`
`Hardware
`
`Distributed Sensors
`
`a
`
`Virtual
`
`Agent
`
`Passive
`
`Cloud
`
`ia
`API
`
`11
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275588
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 13 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`Data Collection
`
`The Qualys Cloud Platform collects security data across every type of IT
`infrastructure using a variety of methods and sensors, including:
`
`曰
`
`Physical Applicances
`These self-updating scanners are
`placed on
`premises,
`customer
`where they provide continuous
`security and compliance
`monitoring of IT assets.
`
`(^)
`
`Cloud Agents
`These lightweight software
`agents go into a variety of
`assets to continuously monitor
`and asses their security and
`compliance. They work in
`real-time without the need to
`schedule scan windows nor to
`manage credentials and firewalls.
`
`Virtual Appliances
`They work like the physical
`appliances but in private cloud
`and virtualized environments
`without the need to install a
`hardware box in a customer's
`office or data center.
`
`炒
`
`Passive Appliance
`They sniff network devices and
`traffic, doing real-time discovery
`and identification, including of
`unauthorized devices, APT traffic
`and malware files. It profiles
`unknown devices types based on
`traffic and activity patterns.
`
`Cloud Appliances
`Designed for customers who
`want to scan their laaS and
`PaaS instances in commercial
`cloud computing platforms,
`the/re pre-certified to work
`in AWS and Azure and they’re
`fully automated with API
`orchestration.
`
`ק
`APIs
`Using the Qualys API, third
`parties can integrate their own
`applications with Qualys cloud
`security and compliance solutions
`using an extensible XML interface.
`Today, we enable almost all of
`the major functions of the Qualys
`Cloud Platform with APIs.
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275589
`
`12
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 14 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`Physical Appliances
`
`These are lightweight software agents
`These are self-updating hardware
`that can go into a variety of assets,
`boxes designed to be placed on
`such as on-premises servers, virtual
`customer premises, such as data
`machines, cloud apps and endpoint
`centers or office locations. These
`scanners provide continuous security devices, where they continuously
`and compliance monitoring of IT
`monitor for changes and assess their
`security and compliance status. They
`assets and transmit the data to the
`transmit back to the Qualys back end
`Qualys Cloud Platform’s back end
`what they detect for analysis
`engine. They update themselves
`and classification. The agents work
`in the background with the latest
`in real-time without the need to
`vulnerability signatures and with
`schedule scan windows nor to manage
`kernel refreshes. Customers don’t
`credentials and firewalls, which
`have to touch them once the/ve
`makes them particularly beneficial for
`been deployed.
`monitoring occasionally connected
`mobile devices.
`
`Virtual Appliances
`
`Available on multiple hypervisors,
`these work like the physical
`appliances, with the difference that
`it’s not necessary to deploy an
`actual hardware box on the
`customers’ premises.
`
`Cloud Appliances
`
`These run within commercial
`cloud computing platforms such
`as Amazon's AWS and Microsoft’s
`Azure, allowing Qualys customers
`to scan their workloads in those
`environments and transmit the
`information back to our central
`platform. Qualys has formal
`partnerships with Amazon
`and Microsoft.
`
`Qualys Cloud Agents are centrally
`managed, can be deployed and
`uninstalled remotely, and use up
`a minimal amount of computing
`resources on their host devices and
`networks. They employ a Delta-
`based approach and collect raw data
`points, such as registry keys, running
`processes, network connections and
`files, which are evaluated continuously
`in the Qualys Cloud Platform back end.
`
`A central console lets you manage the
`agents from a single place. They’re
`fully integrated with the Qualys Cloud
`Platform and can be linked via an
`API with third-party SIEM (security
`information and event management),
`CMDB and help desk ticketing
`products. The Cloud Agent Platform
`puts Qualys in a unique position to
`protect loT (Internet of Things) systems
`through agents that reside on loT
`endpoints.
`
`Passive Appliance
`
`This appliance, due to ship in the
`second half of 2016, is a centrally
`managed, self-updating sensor that
`sniffs network devices and traffic,
`doing real-time discovery and
`identification, including unauthorized
`devices, APT traffic and malware
`files. It plugs into a switch mirroring
`port, does OS fingerprinting,
`identifies ports and protocols used
`and discovers apps and services
`on devices. It profiles unknown
`devices types based on traffic and
`activity patterns, so you may deduct
`something is a printer based on the
`port it’s using and how much data it’s
`receiving. It will let you detect, say,
`a personal laptop that an employee
`is using for the first time to access
`corporate data or applications, even
`if they’re connecting from their home
`network or a public Wi-Fi hotspot. All
`of the information it gathers is sent
`back to the Qualys back end
`for analysis.
`
`APIs
`
`The Qualys Cloud Platform has
`APIs (application programming
`interfaces) that allow it to be
`integrated with threat intelligence
`feeds, configuration management
`databases (CMDBs) and
`log connectors.
`
`Having all these options -- agentless,
`agent-based and passive -- means that
`organizations can use any combination
`of methods, tools and technologies
`that make the most sense for their
`particular infrastructure and needs.
`
`13
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275590
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 15 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`DATA CATEGORIZATION,
`VISUALIZATION AND ANALYSIS
`
`The platform’s asset tagging and
`management capabilities let customers
`identify, categorize and manage large
`numbers of IT assets and automates
`the process of inventorying and
`organizing them hierarchically.
`Meanwhile, a highly configurable
`reporting engine powers the creation
`of reports, graphs and dashboards so
`that customers can generate visual
`representations of the data.
`Our analytics engine indexes petabytes
`of security and compliance data
`gathered from our customers’ IT
`environments, makes this information
`searchable and correlates it against
`external threat data contained in the
`Qualys KnowledgeBase.
`The data analysis is done from a
`variety of angles and perspectives.
`For example, if the Qualys Cloud
`Platform detects that a registry key
`was changed or added in a Windows
`laptop, the data is beamed up to the
`back-end engine, where it’s analyzed in
`a multi-dimensional way. In this case,
`the Qualys Cloud Platform will explore
`possible reasons for the registry
`alteration, investigating whether a
`policy compliance violation is behind
`it or whether it points to a malware
`
`infection. In short, Qualys Cloud
`Platform takes this one data point and
`analyzes it multiple times, a task that
`otherwise the organization could only
`perform by purchasing several point
`solutions from other vendors.
`Our integrated workflow service
`lets customers quickly make risk
`assessments and access information
`for remediation, incident analysis and
`forensic investigations. Customers can
`generate help desk tickets, manage
`policy and compliance exceptions, and
`track and escalate patching and risk
`mitigation efforts.
`The Qualys Cloud Platform can also
`trigger notifications to proactively
`alert customers about a variety of
`actions and incidents, such as the
`detection of new vulnerabilities and
`malware infections, completion of
`scans, opening of trouble tickets and
`system updates.
`The result is continuous security and
`compliance of IT assets wherever
`they reside, which you need because
`hackers don’t operate in accordance
`with scheduled scans: The/re all over
`the world, attacking organizations
`around the clock.
`
`"Qualys helps us
`to make sure that
`our network is
`secure and that our
`systems, and those
`of our customers, are
`hardened as well.”
`-Leonid Stavnitser
`
`GIT Security Engineering Team
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275591
`
`14
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 16 of 29
`
`WhitePaper | QUALYS CLOUD PLATFORM
`
`Integrated Suite of Security
`and Compliance Applications
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275592
`
`15
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 17 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`Here’s how the Qualys Cloud Platform applications automate and enhance
`the lifecycle of your asset discovery, network security, threat protection,
`compliance monitoring and web application security.
`
`VULNERABILITY ASSESSEMENT
`
`0 Qualys
`
`Mobile Workforce Assets -
`
`ù-:. w«*
`
`o
`
`芸
`
`I
`
`■lull 」-=f Ji
`r■UIB■IP■lull!
`
`IP
`
`For example, with AssetView, you can
`quickly get a list of all of your Lenovo
`devices. You can narrow down that
`list by filtering the results according
`to various criteria, such as device
`location, operating system, CPU
`type or, particular vulnerability. And
`
`you can click on a specific asset and
`obtain granular details on it, such
`as who was its most recent logged-
`in user, hardware specs, installed
`software, network location, detected
`vulnerabilities, and the like, all
`continually updated.
`
`AssetView
`Effective endpoint security and
`compliance requires having
`comprehensive asset visibility and
`control, something which has become
`harder to accomplish as new types
`of devices proliferate on enterprise
`networks. AssetView generates and
`continuously updates an inventory of an
`organization’s assets, and consolidates
`all the asset details in one place, so you
`get a unified view of each one. With
`AssetView, the IT department can know
`which assets exist on their environment,
`where the/re located, who manages
`them and what security risks they carry.
`AssetView scales to millions of assets
`and provides powerful search and
`reporting capabilities. It also integrates
`with third-party products such as the
`ServiceNow Configuration Management
`System and Splunk Enterprise.
`
`Vulnerability Assessment
`
`Threat Prioritization
`
`Compliance Monitoring
`
`Network and App Security
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275593
`
`16
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 18 of 29
`
`a
`
`™
`
`參《«
`0 QUAIYS
`Vulnerabiliiy Managemeni v
`Dashboard Scans Reports R®m«tSn*on AssbB Kro^ndgaBaw Us«f8
`toHua ■—t tajr h*
`Dashboard
`LmuMnao: '•da»
`
`1
`843
`14,
`
`74:7
`
`II
`
`0 Qualys
`Conlinuous Moniioriag
`
`Alerts
`
`Configuration
`
`Werts
`
`Üi Sflareh
`pWßW. i-jiMonlloniig Profiles.
`
`««•
`
`0
`
`He* V leg out
`
`Date Range. Last 30 da,? v •i":« .npn
`
`Qm
`
`□
`
`D
`
`O
`
`①
`
`Alert Meuago
`Active Vulnerability QIO 82003 ■
`
`Naw Open Poirr 890/udp (stalue)
`Part lound en »au
`o New Host FoiiikI
`Kok demo« .»ca.qMîy*.com «-Hn »e OS UnuK J.6 «o» feuns tythç jeon Oaily »can of paWte -»MOI»
`Port iDutid «:i ta-H detnoS.Be&ijiialysctini
`①
`V Vulnerability Found: QID 38304 ■■
`New
`PiolDcal V/eiBion t SuppoHnd um fouiM a» "dK
`A Mow Open Port JâWep {hîlp|
`
`Host Imp^ctod
`
`84.38106242
`
`&4.391052^7
`
`6433 106247
`64.39 156247
`
`Iim*»
`
`JsnuwyZ/. 2014
`January 2/ 2014
`Januar/ 27 2014
`January?? 20K
`J6nuar/27 MU
`J8nu»(V 27.2014
`
`Vulnerability Assessment
`
`Threat Prioritization
`
`Compliance Monitoring
`
`Network and App Security
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275594
`
`17
`
`|】
`i iEi
`llpy
`
`一
`1=
`
`l:i
`
`0
`
`li
`
`J=mF=
`
`====
`
`義
`
`"
`
`IÎIL
`
`White Paper I QUALYS CLOUD PLATFORM
`
`Vulnerability Management (VM)
`
`This cloud service is at the core of the
`suite and provides comprehensive
`visibility into the vulnerabilities in
`your IT systems, letting security teams
`continuously identify threats and
`monitor changes in their network.
`Qualys VM visually maps every device
`and application on the network, and
`lets you access configuration details
`for each. It uncovers new or forgotten
`devices, scans for vulnerabilities
`everywhere and automatically assigns
`remediation tickets, integrating with
`third-party ticketing systems.
`
`Continuous Monitoring (CM)
`
`Qualys Continuous Monitoring (CM)
`lets you identify threats and monitor
`unexpected changes in your network
`before they turn into breaches. With it,
`you can track what happens within your
`internal environment, and Internet-
`facing devices throughout your DMZs
`and cloud environments - anywhere in
`the world. CM brings a new approach to
`vulnerability management and network
`security, enabling you to immediately
`identify and proactively address
`potential problems such as: Unexpected
`Hosts/OSes; Expiring SSL Certificates;
`Inadvertently Open Ports; Severe
`Vulnerabilities; and Undesired Software.
`CM requires no special hardware and
`can be set up with a few simple clicks. A
`user simply needs to identify the host or
`hosts that need to be monitored, who
`to alert when states change, and what
`that change might be.
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 19 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`PRIORITIZATION OF
`REMEDIATION WORK
`
`ThreatPROTECT (TP)
`ThreatPROTECT leverages the data
`gathered, analyzed and classified by
`Vulnerability Management, AssetView
`and other Qualys Cloud Platform
`components to precisely identify
`the IT assets that are most at risk
`within an organization at any given
`point. ThreatPROTECT does this
`by correlating external threat data
`against an organization’s internal
`vulnerabilities. By pinpointing the IT
`assets that must be patched right now,
`ThreatPROTECT helps IT departments
`solve one of their biggest challenges:
`Prioritizing remediation, at a time
`when new vulnerabilities are disclosed
`every day, amounting to thousands
`per year. ThreatPROTECT has a Live
`Threat Intelligence Feed, a dynamic and
`customizable dashboard, graphing and
`reporting capabilities, and a powerful
`search engine. With ThreatPROTECT,
`IT departments get a holistic and
`contextual view of their organization's
`ever changing threat landscape.
`
`0 QUALYS
`D-MIWOTI
`D*ah board
`ThreatPROTECT -
`
`ASSETS WITH VULNERABILITIES
`168 Arom lasJ 90 days
`vs AIIAiwiB
`inet (»irw
`
`5
`o
`
`rimm'i 6o«v(!®po
`cna
`wvmu
`
`70
`
`0
`
`o馨
`
`iSanam - LinotAMui
`• "0 • >* So-**»»
`• »MM.1M.nS I
`
`I QUALYS TOP 10
`
`ILNERABIÜTIES
`
`ASSETS WITH QUALYS TOP 10
`NAL VULNERABILITIES
`14
`
`o
`
`49
`
`.lii
`
`mu
`
`Sami
`
`s
`
`Sana.-
`
`o
`
`亏:「^3
`
`Vulnerability Assessment
`
`Compliance Monitoring
`
`Network and App Security
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275595
`
`18
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 20 of 29
`
`WhitePaper I QUALYS CLOUD PLATFORM
`
`COMPLIANCE MONITORING
`
`Qualys PC automates the processes of
`defining policies, specifying controls,
`assessing compliance, remediating
`violations and documenting changes.
`With Qualys PC, IT departments can
`see their security configuration issues
`accurately and in one place.
`
`Policy Compliance (PC)
`
`Policy Compliance (PC) performs
`automated security configuration
`assessments on IT systems throughout
`your network. It helps you to reduce
`risk and continuously comply
`with internal policies and external
`regulations. Qualys PC frees you
`from the substantial cost, resource
`and deployment issues associated
`with traditional software products.
`Known for its fast deployment, ease
`of use, unparalleled scalability, and
`rich integration with enterprise GRC
`systems, Qualys PC is relied upon by
`leading companies around the world.
`
`Security Assessment
`Questionnaire (SAQ)
`SAQ automates a key aspect of policy
`compliance: assessing the security risk
`presented by the businesses processes
`of the third parties you associate with,
`such as partners, vendors, suppliers
`and consultants. SAQ lets organizations
`generate customizable questionnaires
`for third-party security assessments and
`compliance audits. Instead of relying on
`a slow, laborious and inaccurate manual
`process using email and spreadsheets,
`organizations can use the cloud-based
`SAQ to automate and speed up tasks
`such as campaign management,
`template creation, questionnaire
`distribution and result analysis.
`
`0 Qumvs
`
`S,
`
`«'
`
`7
`
`0 Qualys
`
`Dashboard
`
`Û "W-
`
`70
`
`91
`
`2165
`
`nmmn
`
`Om* «Birw wwn M
`it («»(■• tv
`
`ll.ill
`
`mzjm
`
`KBmcm
`
`'ara» CMM
`
`■saimsm
`KSmsm
`
`i-cB<snar>t
`
`Vulnerability Assessment
`
`Threat Prioritization
`
`Network and App Security
`
`HIGHLY CONFIDENTIAL - ATTORNEYS' EYES ONLY
`
`QUALYS00275596
`
`19
`
`
`
`Case 4:18-cv-07229-YGR Document 194-3 Filed 05/04/21 Page 21 of 29
`
`0 QUALYS
`
`« Compliance
`
`..Connci Support
`|1[ R«*OUr««»
`
`r Network Scans
`爲You
`cm ■
`Compium
`
`o
`
`Self-Assessment Questionnaire
`□ni Compieteo
`
`Quick Answf
`I » I tor*our*
`Scan
`NelMork
`
`älPadJreiuc
`
`am UiefflV
`ilc«a aoi rampiMB
`
`WhitePaper | QUALYS CLOUD PLATFORM
`
`PCI Compliance (PCI)
`Qualys PCI provides businesses,
`online merchants and member
`service providers (MSPs) an easy,
`affordable and automated way to
`achieve compliance with the Payment
`Card Industry Data Security Standard.
`Known as PCI DSS, the standard
`provides organizations the guidance
`they need to ensure that payment
`cardholder information is kept secure
`from possible security breaches.
`PCI automates compliance testing,
`reporting and submission, letting
`merchants and MSPs submit the PCI
`self-assessment questionnaires, and
`conduct network and web application
`security scans to identify and eliminate
`security vulnerabilities. The Qualys PCI
`"aut