A chance conversation with a Qualys customer a few weeks ago veered off topic really fast, but it led to another conversation, which caught a manager’s attention and led to my first  blog post for them.

Placing a value on security has always been a bit of a black art. Things are changing fast, and it’s not much of a black art anymore. Now it’s more like sixth-grade math. So I took some time to explain that to our customers and readers, and how to use that to improve their security and get buy-in from reluctant infrastructure teams.

It probably doesn’t seem like the good guys are winning, but I think the bad guys’ business model is going to self destruct. We need a formula to win, and that formula is a lot easier than it was just two years ago.

And while that last paragraph reads a bit like a commercial–I can say that since I wrote it, right?–I meant what I said. Qualys signs my paychecks, but I wasn’t looking for a job when they called me about this job offer. I’ve used Qualys and I’ve used competing products, and while none of them is perfect, if I had to secure a network again, Qualys would be the vulnerability scanner I would want.