Qualys Cloud Platform is the incident response and breach prevention vendor used at Systems Engineering to perform monthly external vulnerability scan for our customers. Recently, Qualys released a statement relating to a previously identified zero-day exploit in one of their third-party solutions (Accellion FTA). According to Qualys, the attack was isolated to the standalone Accellion FTA external file sharing server and was completely separate from the systems that host and support Qualys products. Qualys has confirmed that at no time was there any operational impact on any Qualys production environments.
The monthly external vulnerability scans we perform at Systems Engineering with Qualys allows for the identity and remediation* of vulnerabilities that may be exposed to the internet to reduce the potential for an attack.
*Access to the monthly Qualys scans and remediation will depend on the customers level of services with Systems Engineering.
NOTE: This post is for information only and no action is required.
If you have questions about this security bulletin, please reach out to your Account Manager.