Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 
  1. Homepage
  2. Equities
  3. United States
  4. Nasdaq
  5. Qualys, Inc.
  6. News
  7. Summary
    QLYS   US74758T3032


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

Qualys : Continuous Security Hardening and Monitoring for IBM« z/OS« Mainframes and Databases Using Qualys Policy Compliance

12/07/2021 | 03:02pm EST

Mainframes are a key infrastructure component for many enterprises worldwide. Arguably the most secure, reliable, and efficient computing platform, mainframes hold some 70% of the world's business-critical data. Even though they are highly secure and resilient, it's a common misconception that mainframes are not exposed to security risks. In fact, however, they are susceptible to many of today's most sophisticated threats.

With the rise in modern cyberthreats and ransomware attacks, as well as increasing regulatory mandates, organizations need to implement robust security measures to protect the critical resources that reside on mainframes and ensure regulatory compliance. To do so requires overcoming mainframe security challenges, which is the subject of this post.

Mainframe Security Challenges
  • Manual audit methods are not scalable - Many organizations are not assessing their IBM z/OS architecture mainframes and Db2 databases for configuration compliance, or if they are, they are doing so manually. Manual audit methods are not scalable and are very time consuming.
  • Customized script updating - Using internally developed scripts may work at first. However, as an organization's needs change, it may lack the resources required to update the scripts in a timely manner in order to meet its configuration check requirements.
  • Using point solutions that don't do what needs to be done - If an organization's legacy solutions don't provide a consolidated view of its data resources and its constantly changing IT environment, the organzation is unlikely to meet its regulatory requirements.
Qualys z/OS Mainframe Security Solutions

Organizations are looking for a trusted and reliable solution that enables them to assess configuration compliance in their environment and review the results, all from a single platform. Qualys is now meeting the challenge, providing a new and improved, innovative solution. Qualys Policy Compliance (PC) has expanded its agentless scanning capabilities by adding coverage for the z/OS 2.3 and 2.4 systems with RACF (Resource Access Control Facility) and Db2 11 and 12 instances running on z/OS. Adding this capability to the PC module enables organizations to scan configuration settings, proactively assess for configuration weaknesses, and prioritize remediation activities to better align with their organization's configuration standards - all in one place.

Further, with Qualys Policy Compliance (PC), internally developed scripts can be replaced leveraging an agentless scanner and Qualys library policies and controls. The agentless scanner can be configured to authenticate and retrieve control settings based on any scheduled or ad-hoc requirement. This ensures that recommended hardening guidelines are configured, logged, and tracked to ensure consistent and continual security across all digital assets.

Assess with Out-of-Band Configuration Assessment (OCA)

If it isn't feasible to perform authenticated scans on any z/OS servers because of the criticality of the data that they process, Qualys lets you assess z/OS configuration compliance using the Qualys OCA sensor. Qualys OCA allows you to export the z/OS configuration manually, upload the configuration to Qualys, and assess configuration compliance using Policy Compliance. OCA effectively evaluates a mainframe's compliance in a step-by-step manner, presenting a clear picture of the assessment status with the help of widgets on your Qualys dashboard.

Mainframe Compliance Assessment with Qualys Policy Compliance Identify z/OS Assets Comprehensively

Qualys CSAM (CyberSecurity Asset Management) provides a comprehensive view of your Inventory and makes it easier to identify all IBM z/OS assets. Once the assets are identified, they can easily be grouped together with a dynamic tag (e.g., IBM z/OS). Tagging makes the grouped assets available for managing, querying, and reporting throughout the Qualys Cloud Platform, as shown below.

Content-Rich Library for z/OS and Db2 Policies

Qualys PC's content-rich library provides ready-to-use security policies that are highly scalable and easy to deploy. Qualys' controls and compliance checks are capable of pointing to vulnerabilities as well as potential weaknesses in microservices with absolute precision. By simply importing policies for IBM z/OS Security Server or z/OS Db2 databases, you can assign dynamic tags and continue your assessments.

Authenticated Scanning

Qualys leverages SSH to connect to z/OS and uses the OS shell to perform authenticated compliance scans for z/OS target systems. A new PC target option called IBM z/OS Security Server RACF has been added to Unix Authentication Record. By selecting this target type option while creating a Unix Authentication Record, you can perform a compliance assessment on z/OS by launching a PC scan.

Qualys performs Db2 scanning by connecting to a remote port that the database server is listening in on. The z/OS target needs to have an external IP and have the Db2 database port bound to that IP. Qualys has provided a set of scripts to help you set up an account and the privileges that need to be established prior to running scans. These scripts require an administrative account. Online Help provides scripts, tips, and best practices for setting up IBM Db2 for z/OS authentication for compliance scans.

Insights into the Current Posture of Assets and Controls

The compliance posture of Controls and Assets with z/OS and databases running on z/OS can be viewed under the Posture tab as shown below. The posture tab enables you to track compliance posture based on assets, criticality, technologies, and other factors in order to prioritize and remediate high-risk assets.

With unified, customizable dashboards, you can quickly analyze compliance and risk posture across the entire organization and all of its business units. Customizable widgets make it easy to drill down into the posture of assets, identify compliance drift from best practices, and prioritize remediation action to fix misconfigurations based on criticality and other factors.

Monitoring and Reporting Against Compliance Mandates

It's imperative to collect and analyze data for compliance and configuration management activities. Qualys PC's comprehensive reports provide all the details you need to make informed compliance and risk decisions in order to prevent security audits and risks. Qualys PC provides in-solution reporting with suggested remediation steps as well as a robust API to import the information into external systems. You can customize and schedule reports weekly or monthly per business needs.

Mandate-based reporting simplifies the process of reporting on the compliance posture of assets to help comply with external regulations and multiple security mandates. With mandate-based reporting you can choose a mandate that you want to comply with and get your organization's compliance score in terms of several selected mandates, including PCI DSS, STIG, GDPR, and many more.

Enhanced Security and Assessment

To reduce the attack surface and strengthen your organization's security posture and ensure compliance, all mainframe systems and running applications must be continuously assessed for misconfigurations or vulnerabilities. Qualys provides a single pane of glass to monitor configuration compliance for multiple technologies. The depth and breadth of Qualys PC helps organizations gain deep visibility through compliance assessments.

Start your Qualys Policy Compliance trial today to assess and secure assets in your environment.

Dig deeper: Assessing Mainframe Compliance While Minimizing Operational Impact



Qualys Inc. published this content on 07 December 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 07 December 2021 20:01:03 UTC.

ę Publicnow 2021
All news about QUALYS, INC.
01/11QUALYS : How to Make Log4Shell Remediation Quick & Effective
01/06QUALYS : Emotet Re-emerges with Help from TrickBot
01/05QUALYS : Mitigation of Supply Chain Risks in Microsoft 365
2021QUALYS : Log4Shell – Follow This Multi-Layered Approach for Detection and Remediatio..
2021QUALYS : How to Discover Log4Shell Vulnerabilities in Running Containers & Images
2021INSIDER SELL : Qualys
2021QUALYS : Integrates with Shodan to Help Map the External Attack Surface
2021QUALYS : New Options Profiles for Log4Shell Detection
2021QUALYS : 5 Ways to Quickly Detect a Log4Shell Exploit in Your Environment
2021QUALYS : Out-of-Band Detection for Log4Shell
More news
Analyst Recommendations on QUALYS, INC.
More recommendations
Financials (USD)
Sales 2021 410 M - -
Net income 2021 68,7 M - -
Net cash 2021 426 M - -
P/E ratio 2021 73,7x
Yield 2021 -
Capitalization 4 903 M 4 903 M -
EV / Sales 2021 10,9x
EV / Sales 2022 9,36x
Nbr of Employees 1 759
Free-Float 75,8%
Duration : Period :
Qualys, Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends QUALYS, INC.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus HOLD
Number of Analysts 14
Last Close Price 126,29 $
Average target price 135,58 $
Spread / Average Target 7,36%
EPS Revisions
Managers and Directors
Sumedh S. Thakar President, Chief Executive Officer & Director
Joo Mi Kim Chief Financial Officer
Sandra England Bergeron Chairman
Donald R. Dixon Lead Independent Director
Peter Pace Independent Director
Sector and Competitors
1st jan.Capi. (M$)
QUALYS, INC.-7.97%4 903
SALESFORCE.COM, INC.-9.01%227 762
CLOUDFLARE, INC.-23.73%32 268
DYNATRACE, INC.-13.01%14 966
SINCH AB-12.21%8 626
ANAPLAN, INC.1.88%6 897