Our videos have over 5 million views on Youtube! Visit our channel now »
The listings featured on this site are from companies from which this site receives compensation. Read the Advertising Disclosure for more information
Professional Reviews

vpnMentor contains reviews that are written by our community reviewers, and are based on the reviewers' independent and professional examination of the products/services.


vpnMentor is owned by Kape Technologies PLC, which owns the following products: ExpressVPN, CyberGhost, ZenMate, Private Internet Access, and Intego, which may be reviewed on this website.

Affiliate Commissions Advertising

vpnMentor contains reviews that were written by our experts and follow the strict reviewing standards, including ethical standards, that we have adopted. Such standards require that each review will be based on an independent, honest and professional examination of the reviewer. That being said, we may earn a commission when a user completes an action using our links, which will however not affect the review but might affect the rankings. The latter are determined on the basis of customer satisfaction of previous sales and compensation received.

Reviews Guidelines

The reviews published on vpnMentor are written by experts that examine the products according to our strict reviewing standards. Such standards ensure that each review is based on the independent, professional and honest examination of the reviewer, and takes into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings we publish may take into consideration the affiliate commissions we earn for purchases through links on our website.

Data Protection and Law Compliance in a Cyber Infused World

Qualys was created by CEO Phillippe Courtot in 1999 and was the first organisation to be a SaaS provider. Currently used by more than 9,300 customers in over 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100, the Qualys Cloud Platform performs more than 3 billion IP scans/audits a year, resulting in over 1 trillion security events. In this interview Chief Technical Security Officer Darron Gibbs overviews the different modules that make up the Qualys platform, and explains the logic behind them.

Before we begin, can you give me a brief overview of your personal background?

Sure. I have worked in the IT Sec, InfoSec and Cyber world for the last 25 years in various roles and have specialised in the last 8 years in Governance, Regulatory, Risk and Compliance but have experience in Security Operations, security technology deployments within organisations and generally all things security related. I have worked in Media, Telecomms, Maritime Cargo and Financial Services. The first part of my career was spent working for vendors in the mid 1990’s (Aventail, Tivoli and Axent Technologies).

How does the Qualys platform prevent threats from penetrating to an organisation's database? And how does it handle false positives?

The Qualys Cloud Platform has performed more than 3 billion scans in the past year. Its vulnerability scans, the most difficult type of scan, consistently exceed Six Sigma 99.99966% accuracy, the industry standard for high quality. This level of accuracy creates a foundation for strong security and reliable compliance that enables you to efficiently zero in on potential risks before you get attacked. Qualys automatically tests all vulnerability definitions before they’re deployed, as well as while they’re active, to verify that definitions are up-to-date. In addition, Qualys enables users to flag vulnerability definitions they think need adjusting. Such requests are immediately investigated by Qualys’ worldwide team of engineers and are typically resolved in less than 72 hours — often even within the same day.

Your website states that the Qualys Cloud Platform can lower the cost of compliance with privacy and security regulations. What makes these regulations so problematic and how does Qualys solve these problems?

Qualys Policy Compliance (PC) has a 3-step approach to solve an organisations compliance problems. By automating the policy or standards evaluation of assets and providing this information in real time, organisations can react quicker and ensure that they remain in compliance at all times.

How do you define policies and specify controls?

With PC, you can leverage out of the box library content to fast-track your compliance assessments using industry-recommended best practices such as CIS Benchmarks, or you can customize your control requirements by setting hardening configuration requirements to suite your unique business and compliance needs.

By automating the evaluation of requirements against multiple standards for operating systems, network devices and applications, PC lets you identify issues quickly and prevent configuration drift. With PC, you can prioritise and track remediation and exceptions, demonstrating a repeatable auditable process for compliance management focused on the most critical issues first.
PC lets you customize and deliver comprehensive reports to document progress for IT staffers, business executives, risk managers and auditors. With Mandate-based reporting you can easily see how you compare against requirements in a variety of overlapping regulatory or industry required control objectives.

What are some of your most commonly detected threats? Have you identified any behavioural patterns to beware of?

Qualys IOC continuously monitors endpoint activity to detect suspicious activity that may indicate the presence of known malware, unknown variants, and threat actor activity on devices both on and off the network. Qualys IOC integrates endpoint detection, behavioural malware analysis, and threat hunting techniques that incorporate a continuous view of an asset’s vulnerability posture along with suspicious activity monitoring. Indicators of Compromise offers:

• Continuous event collection using the Cloud Agent’s non-intrusive data collection and delta processing techniques to transparently capture endpoint activity information from assets on and off the network, in a way that is more performant than other solutions’ query-based approaches or distributed data collectors.

• Analysis, hunting, and threat indicator processing is performed in the cloud on billions of active and past endpoint events. Those results are then coupled with threat intelligence data from Qualys Malware Labs and third-party threat intelligence sources to identify malware infections (indicators of compromise) and threat actor actions (indicators of activity).

• Actionable intelligence scored alerts are displayed in the Qualys platform’s web-based user interface with contextual asset tags to help security teams prioritise responses for critical business systems.

How do you summarise the last 5 years in the Cyber/IT security industry, And what new trends can we expect to see in the future?

In the last 5 years organisations have been fighting trends the Cybercrime boom, such as spear phishing, whaling and ransomware. As a result of these successful attacks against organisations, the public sharing of breaches has grown. Breach notifications have been very public (Yahoo, TalkTalk, LinkedIn, JP Morgan, eBay, Sony etc) and the volume of records that have been stolen or lost is massive, in the hundreds of millions. This has resulted in the price of stolen identities to decrease to approx. $15 a record. The profile has been raised as a result of Cyber and more organisations have Cyber listed as one of their Top 5 risks in their annual reports.

In the immediate future, the EU GDPR will be a focus for all organisations that process personally identifiable information (PII). Finding all PII data within your organisation and supply chain is important, as the fines will be the same for data controllers and processors. Finding your data within the organisation will be a lengthy process and needs to be started sooner rather than later. GDPR will influence breach notification rules as regional EU information commissioner offices can demand differing notification rules. Organisations will need to test their incident management processes to ensure they take into account different EU member requirements.

Pressure from Investors rather than Boards will raise the Cyber profile even further; investors will be demanding more from their Boards and organisations will need to provide regular updates on Cyber activities and what is being done to prevent and protect the organisation. As the threat of potential regulatory fines increases, Investors and Boards will apply additional pressure on organisations, to ensure appropriate investment in Cyber Protection, including insurance as a mitigating control.

About the Author

Ditsa Keren is a cybersecurity expert with a keen interest in technology and digital privacy.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback
Comment Comment must be from 5 to 2500 characters long.