Case Study: VGZ achieves automated, accurate network-to-web vulnerability protection with Qualys

Securing System Vulnerabilities from the Network to the Web

Coöperatie VGZ is the second-largest health insurer in the Netherlands, serving more than 4.2 million customers from its Arnhem headquarters and multiple branch offices. Facing a growing range of web-application threats to sites and customer portals (many on .NET and SharePoint) that handle sensitive healthcare data, VGZ needed an easy-to-deploy, highly accurate and automated way to discover, prioritize and remediate vulnerabilities across its infrastructure.

VGZ extended its long-standing use of Qualys Vulnerability Management to include Qualys Web Application Scanning, gaining automated, low–false-positive scans, scheduling flexibility and built-in remediation guidance. The solution uncovered multiple high-severity issues (including XSS and SQL injection) across affiliated sites, sped up remediation, now runs monthly and ad-hoc scans across ~25 web servers, and improved VGZ’s ability to maintain security, availability and audit compliance.

VGZ

Arthur Visser

Senior Infrastructure Engineer