Qualys devises a virtual patch to protect against vulnerabilities

The security company's Web Application Firewall can protect Web applications from malicious users

If you can't wait for that critical patch to secure your system from some just-discovered bug, IT security firm Qualys may have an answer, through new security software that can secure the trouble spot until the patch arrives.

The feature, called virtual patching, comes with the newly released version 2 of the company's Web Application Firewall, a set of software for securing Web applications against malicious behavior.

Virtual patching can address one of the most thorny problems in enterprise IT security, that of protecting against a recently discovered software flaw. Sometimes attackers can start misusing a software bug as soon as it is discovered --- this is called a zero day flaw.

"Engineering teams can take a long time to fix a problem. Until then, security guys will have sleepless nights worrying about a vulnerability anybody can exploit," said Sumedh Thakar, Qualys chief product officer.

Commercial enterprises continue to be dogged by unrecognized vulnerabilities in their Web applications, which can be used by attackers to gain entry to internal networks or disrupt operations. More than a third of the one million most highly trafficked Web sites are vulnerable to compromise due to unpatched or misconfigured software, a March 2015 survey from IT security firm Menlo Security firm found.

Qualys' firewall can be installed as a virtual image on a server that also runs Web applications. The firewall serves as a proxy, examining all incoming traffic, looking for malicious code that could take advantage of software defects, application framework flaws, Web server bugs, and even improper configurations.

To identify malicious traffic the software pulls updates about the latest vulnerabilities from Qualys, and incorporates results from the security scan of the customer's network, Thakar said.

The firewall was designed to block network traffic that looks suspicious, such as a great deal of traffic from a single Internet address. The virtual patching capability is an additional control measure, one that allows the administrator to set up blocking rules around a specific application.

If a potential vulnerability is found, the administrator is notified through a Web-based console. There, an option is presented to apply a virtual patch to the trouble spot, meaning that traffic going to that part of the application will be inspected to ensure that the vulnerability is not being exploited.

For instance, if an input form for collecting birth dates has been found to accept non-numeric characters, a virtual patch can be applied to block any input to the form that has non-numeric characters. This would prevent an attacker from injecting database commands into the system by way of the form.

The Qualys Web Application Firewall is available for an annual subscription of US$1,995, for small businesses, and $9,995 for larger enterprises based on the number of web applications and virtual appliances.

The Web Application Firewall was one of a number of upgraded and new products Qualys announced at the RSA Conference, held this week in San Francisco. The security company updated its Continuous Monitoring software to watch against threats in the internal network, in addition to the network perimeter it was designed to oversee. The company also released its Cloud Agent Platform, a set of technologies for outfitting devices with software to watch for potential security threats.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags securitydata protectionmalwarequalys

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Joab Jackson

IDG News Service
Show Comments

Most Popular Reviews

Latest News Articles


GGG Evaluation Team

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott


My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?