Case Study: Saudi Telecom Company achieves greater vulnerability visibility and faster remediation with Qualys Vulnerability Management

Saudi Telecom Company Modernises Vulnerability Management by Increasing Visibility of Digital Risks

Saudi Telecom Company (STC), the largest telecommunications provider in the Middle East and North Africa, needed better visibility across its vast, diverse infrastructure to protect government, business and consumer traffic. With thousands of systems spanning multiple OSes and applications, STC relied on time-consuming, manual vulnerability checks and risked service disruption when patching, so it sought an automated, comprehensive way to detect, prioritise and manage vulnerabilities without impacting availability.

STC deployed Qualys Vulnerability Management and Policy Compliance on a private-cloud instance to meet in-country data requirements and build a multi-tenant cyber‑security-as-a-service offering. Scanning over 9,000 servers weekly and integrating findings into its GRC, STC now prioritises patching by severity, has reduced vulnerabilities year‑on‑year, shortened remediation times, cut manual effort, improved security culture, and is rolling out cloud-based security services to subsidiaries and customers.

Saudi Telecom Company

Yasser Al Swailem

General Manager of Information Security