Qualys Achieves FedRAMP High Authorization for TotalCloud, Extending Protection to Cloud Workloads in its Government Platform

May 14 2026 14:00 BST

Achievement reaffirms Qualys' commitment to delivering trusted, best-in-class security solutions for federal agencies and highly regulated industries

FOSTER CITY, Calif. , May 14, 2026 /PRNewswire/ -- Qualys, Inc. (NASDAQ: QLYS), a leading provider of cloud-based IT, security and compliance solutions, today announced that its TotalCloud solution has achieved FedRAMP High Authorization, sponsored by the U.S. Drug Enforcement Agency (DEA). This milestone extends the FedRAMP High status of the Qualys Government Platform to include Cloud-Native Application Protection Platform (CNAPP). QualysTotalCloud is now listed on the FedRAMP Marketplace, enabling federal agencies, suppliers, and highly regulated industries to leverage its comprehensive cloud security capabilities.

The FedRAMP High Authorization represents the most stringent level of compliance within the Federal Risk and Authorization Management Program (FedRAMP). It aligns with NIST SP 800-53 High Impact controls, ensuring the platform meets the rigorous security requirements for handling the government's most sensitive unclassified data.

Unified Cloud Security for Federal Agencies
Now part of the Qualys Government Platform, TotalCloud provides federal agencies and commercial suppliers with a unified approach to cloud-native security. The platform integrates risk-based prioritization from code to cloud, compliance monitoring, runtime/threat detection, full attack surface discovery, and cloud-native application protection into a single, scalable platform. This comprehensive solution helps organizations accelerate compliance, reduce cyber risk, and streamline security operations.

"In a world where AI-driven threats are shrinking the time to exploit, achieving FedRAMP High Authorization for TotalCloud underscores Qualys' commitment to mission velocity, aligning with the government's Cloud Smart strategy, so our cyber defenders can gain the upper hand," said Sumedh Thakar, president and CEO of Qualys. "Adding this milestone for CNAAP ensures agencies can modernize with confidence, securing their most sensitive workloads, while meeting the highest federal standards for trust and resilience."

Benefits for Federal Agencies and Regulated Industries
Federal agencies, contractors, and organizations aligned to NIST SP 800-53 can leverage Qualys TotalCloud's FedRAMP High Authorization to reduce operational risk and accelerate compliance. TotalCloud supports organizations that need visibility and control over cloud workloads, assuring the posture and risk management of those systems. Through inheritance of pre-validated controls within a shared responsibility model, organizations can streamline their ATO processes, minimize audit complexity, and gain faster access to highly regulated federal environments.

Availability
TotalCloud is now available as part of the Qualys Government Platform on the FedRAMP Marketplace. To learn more, visit qualys.com/fedramp-marketplace or request a demo at qualys.com/gov.

Additional Resources

Read our blog post, "Qualys TotalCloud Achieves FedRAMP High Authorization for Cloud Security and Compliance Assurance"
Request a demo of the Qualys Government Platform at qualys.com/gov.
Register for the webinar, "FedRAMP and NIST Cloud Security and Compliance Requirements"
Follow Qualys on LinkedIn, Instagram and X

About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a leading provider of cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.

The Qualys Enterprise TruRisk Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Oracle Cloud Infrastructure, Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com.

Qualys, Qualys VMDR®, Qualys TruRisk and the Qualys logo are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Rachel Yap Winship
Qualys
Media@Qualys.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/qualys-achieves-fedramp-high-authorization-for-totalcloud-extending-protection-to-cloud-workloads-in-its-government-platform-302771534.html

SOURCE Qualys, Inc.