High performer in the vulnerability management and cloud security space

We use the Qualys Cloud Platform for three main strands in our information security. Firstly it gives us excellent visibility of internal and external vulnerabilities across our technology estate. This allows us to identify any potential gaps in software patching, and determine whether any vulnerable end-of-life software is installed on any of our physical or virtual devices. Secondly, we use Qualys for scheduling, analysing and managing PCI scans, a requirement of our PCI DSS certification as a Level 1 service provider. Finally, and more and more crucially as we migrate an increasing number of workloads into the cloud, we use the Qualys CloudView product to report on any potential insecure configuration issues across our AWS & Azure estates. Using a single vendor for these three key pieces of functionality enables us to better manage costs, and leverage our existing customer success relationship. Qualys are excellent both at reactive customer support for security incidents or technical queries, and proactively reaching out to us to make sure we're both making the best use of the functionality included in our existing contract and working with us to see if there's anything they can do to help with our emerging and ongoing security challenges and requirements.