|Industry||CyberSecurity Company Network Security|
|Sumedh Thakar, President and CEO|
|Revenue||US$411 million (2021)|
|US$88 million (2021)|
|US$71 million (2021)|
|Total assets||US$815 million (2021)|
|Total equity||US$437 million (2021)|
Number of employees
Qualys, Inc. provides cloud security, compliance and related services and is based in Foster City, California. Qualys provides vulnerability management solutions using a "software as a service" (SaaS) model. It has added cloud-based compliance and web application security offerings.
Qualys has over 10,300 customers in more than 130 countries, including a majority of the Forbes Global 100. The company has strategic partnerships with major managed services providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).
Qualys was founded in 1999. The company launched QualysGuard in December 2000, making Qualys one of the first entrants in the vulnerability management market. In March 2001, angel investor Philippe Courtot became the CEO of the company after a major investment in the company. He also served as the chairman of the board. Philippe originally invested in Qualys in 1999 when the company was founded, then became CEO in March 2001. Philippe brought a vision to the company that was unique from the very start – to build a cloud delivery platform that would allow for the scanning of any network globally. He then set about creating it.
The QualysGuard Intranet Scanner was released in 2002 to automatically scan corporate LANs for vulnerabilities and search for an available patch. The following year, Qualys released FreeMap, a web-based tool for scanning, mapping and identifying possible security holes within networks connected to the Internet.
In 2005, Qualys extended its QualysGuard product line. In 2008, Qualys introduced QualysGuard Policy Compliance, which extended the platform's global scanning capabilities to collect IT compliance data across the organization and map this information into policies to document compliance for auditing purposes. Qualys also released a service for web application scanning named QualysGuard Web Application Scanning (WAS). In 2010, at the RSA Conference USA, Qualys announced QualysGuard Malware Detection Service, a new service designed to scan and identify malware on web sites. It also announced the Qualys SECURE Seal, which allows websites to show visitors that it has passed security scans.
In July 2010, Qualys announced Qualys BrowserCheck, a service for checking web browsers and plug-ins for security vulnerabilities. At RSA Conference 2011, Qualys launched a new open source web application firewall project, IronBee, led by Ivan Ristic, the creator of ModSecurity and a director of engineering at Qualys. At the RSA Conference in 2012, Qualys introduced updates to the QualysGuard Cloud Platform, which extended its capabilities to help customers improve the security of their IT systems and applications, further automate their compliance initiatives for IT-GRC, and provide online protection against cyber-attacks while reducing operational costs and increasing the efficiency of their security programs.
Qualys went public on NASDAQ with the symbol QLYS on September 28, 2012, raising net proceeds of $87.5 million. At the 2014 RSA Conference, Qualys announced general availability of its QualyGuard Web Application Firewall (WAF), which provides protection for websites running on Amazon EC2 and on-premises, as well as a new Continuous Monitoring solution and free Top 4 Security Controls service. In 2015, the company released 2.0 of its WAF software which included virtual patching and customizable event responses. That same year, Qualys also released an IT security and compliance solution called Cloud Agent Platform. In August 2015, the company released a free asset management service, Qualys AssetView, that allowed organizations to keep inventory of computers and their software.
In February 2016, Qualys released ThreatPROTECT, a vulnerability detection service for its cloud-based platform. The company received full certification for its Configuration Management Databases (CMDBs) App for ServiceNow, allowing the app to be integrated into ServiceNow's system in March 2016. In July 2016, it was announced that Qualys would integrate with Microsoft Azure Security Center. In August 2017, Qualys acquired the network analysis assets from Nevis Networks for an undisclosed sum. In December 2017, Qualys announced its acquisition of NetWatcher, a network security company.
In April 2018, Qualys acquired the software assets of Singapore-based 1Mobility, a startup which develops security technologies for mobile phones.
In June 2018, Qualys announced the addition of Asset Inventory to their Cloud Platform.
Qualys won two Pwnie Awards in 2021, in the categories of “Best Privilege Escalation Bug” and “Most Under-Hyped Research”.
Qualys honored by SC Media as the winner for Best Vulnerability Management Solution in its 2020 Trust Awards.
Qualys received 2019 Gartner Peer Insights Customers' Choice Award for Vulnerability Assessment.
In 2017 Frost & Sullivan recognized Qualys with 2017 Global Vulnerability Management Market Leadership Award.
Throughout its history Qualys has received a number of other awards.