Security Program Controls/Technologies, Channel partners, Content

Qualys Launches SaaS Security for Microsoft 365, Salesforce and More

Qualys, a company that specializes in information security and compliance, has released a SaaS Detection and Response (SaaSDR) solution to help customers protect Microsoft 365, Salesforce, Zoom, Google Workplace and additional SaaS applications down the road.

With SaaSDR, IT and security teams can manage SaaS apps' global settings, user privileges, licenses and files, Qualys stated. In doing so, they can leverage SaaSDR to secure identities, devices and passwords, stop data leakage and prevent insider misconduct that can lead to data breaches.

Qualys has expansive MSSP (managed security services provider) relationships, though we don't think the company specifically mentioned MSSP partner opportunities as part of the SaaSDr launch.

SaaSDR: Key Security Capabilities

SaaSDR leverages the Qualys Cloud Platform to automate the process of managing SaaS apps, the company indicated. It offers a variety of capabilities, including:

  • User and Device Visibility: Creates an inventory of SaaS app users and user groups and files and folders users own and can access and gathers endpoint data
  • Access Controls: Offers control over data access rights
  • Data Exposure Insights: Provides insights into incorrect permissions, at-risk files, file changes, misconfiguration issues and other security weaknesses
  • Security and Compliance Posture Assessments: Performs security posture and configuration assessments
  • Risk Management: Correlates SaaS app data insights with security telemetry to help IT and security teams find ways to manage risk

SaaSDR is generally available, with pricing starting at $20 per user, per SaaS app.

Qualys expects to add alerting on data exposure, automated remediation and other threat response capabilities and support for Slack, GitHub and other SaaS apps to SaaSDR later this year. Also, Qualys plans to integrate vulnerability management capabilities into SaaSDR to allow IT and security teams to use the solution to continuously detect, prioritize and remotely patch vulnerabilities and misconfigurations across their organizations' SaaS apps.

Qualys MSSP Partnerships, Potential SaaS Rivals

Qualys has partnerships with major MSSPs worldwide. The software company also sees a new generation of MSSPs emerging to protect small and midsize customers, CEO Philippe Courtot said during a 2019 earnings call. Moreover, a recent Qualys XDR push also offers potential opportunities for MSSPs.

Back on the SaaS application front, Qualys could face competition in the SMB sector -- where multiple startups are building businesses to help MSPs to oversee SaaS applications.

The emerging offerings vary from monitoring to management solutions, and some include security capabilities. Startup names to know serving MSPs in the SMB sector include SaaS Alerts (led by Kaseya veteran Jim Lippie) and Augmentt (from N-able veterans Gavin Garbutt and Derik Belair), among others.

Additional insights from Joe Panettieri.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.