New GovCloud Platform by Qualys Earns FedRAMP Ready Status for High Impact Level
FOSTER CITY, Calif., Jan. 31, 2023 -- Qualys, Inc. today announced its new GovCloud platform has earned the achievement of FedRAMP Ready status at the High impact level from the Federal Risk and Authorization Management Program (FedRAMP).
Qualys GovCloud, including its integrated capabilities, is 'ready' to meet the stringent cybersecurity assurance requirements of FedRAMP at the High impact level. High certification is the most stringent with 421 security and risk management controls.
Qualys GovCloud is a comprehensive offering including - asset inventory with external attack surface visibility, vulnerability risk and remediation management and compliance management - that federal agencies can use as the foundation for their cybersecurity programs. Its integrated platform includes all the critical security and compliance solutions needed to address Executive Orders and aligns with NIST 800-53 v5 standards eliminating the need to stitch together siloed solutions.
"As a trusted provider to the Federal Government, Blackwood Associates is thrilled to partner with Qualys and offer its innovative GovCloud platform to our federal clients," said Christopher Ebley, CTO, Blackwood Associates. "GovCloud represents a major step forward in how federal agencies approach security. Given the rapid evolution of requirements around contextual risk and vulnerability management, Qualys' dedication to bringing its technology to highly sensitive environments is a force multiplier for our customers. The GovCloud platform enables the move away from siloed solutions and towards a comprehensive, integrated solution that streamlines efforts, saves costs, enhances security, and provides compliance context and risk prioritization."
The highly scalable GovCloud platform supports federal and commercial organizations cost-effectively, delivering integrated capabilities, 24x7 support and training while maintaining the highest level of protection. Qualys GovCloud includes:
- Cybersecurity Asset Management with External Attack Surface Management – to identify, discover inventory and classify all known and unknown assets with security context. The solution also syncs with your CMDB, helping address CISA BOD 23-01 and comprehensively report against the NIST 800-53 v5 requirement of CM-8.
- Vulnerability Management Detection and Response (VMDR) - assess, prioritize, and remediate vulnerabilities based on TruRisk to meet Executive order 14028, OMB M-21-31 as well as monitor posture against NIST requirement of RA-5.
- Configuration and Policy Compliance - GovCloud's Regulatory Compliance Management with Policy Compliance capability allows government agencies to assess configuration posture against DISA while auditing and reporting their compliance with a wide range of standards, including NIST 800-53/FedRAMP, NIST 800-171, NIST CSF, CMMC, CERT Resiliency, etc.
- File Integrity Monitoring – detects and alerts on unauthorized changes to software firmware and information to align with the NIST SI-7 requirement.
- Container Security - continuously discover, track, and secure containers from build to runtime, aligning with the key federal DevOps initiative while addressing the additional FedRAMP requirement of NIST RA-5 regarding assessing containers for vulnerability risk.
"We are delighted that our newest offering for the federal market, GovCloud has received FedRAMP High Ready status, the highest level of security standard offered by the federal program," said Sumedh Thakar, president and CEO of Qualys. "As the only vulnerability management platform currently with FedRAMP Ready status at the High impact level, we are dedicated to providing federal agencies with a modern alternative to legacy scanners to improve their security posture as they embrace digital transformation."
The FedRAMP Ready (High impact level) Qualys GovCloud will be available in late February. For federal agencies to sponsor for a FedRAMP authorization. To request a free trial, please click here.