After adding several new products and services to its growing security and compliance portfolio, Qualys let the cats out of the product roadmap bag at the annual RSA Security Conference in San Francisco. The vulnerability management company announced enhancements to its QualysGuard Cloud Platform, including the new QualysGuard Customizable Questionnaire service, WAF, Enterprise Edition of the QualysGuard Malware Detection Service, virtualized scanners, Dynamic Asset Tagging technology, and the Zero-Day Risk Analyzer that includes VeriSign’s iDefense zero-day vulnerabilities and global threats.

We suspect that the Customizable Questionnaire service and Dynamic Asset Tagging enhancement provide a glimpse into what a Qualys-backed IT GRC platform might look like should the company decide to move into that space – something we suspect will eventually happen as the company moves forward. The company’s investment in malware-related products shows that Qualys plans to diversify its portfolio and provide proactive products to address threats. It also doesn’t hurt that Qualys’ diversification strategy is allowing for tuck-in product and services sales to help bolster its bottom line by preventing additional dollars from going elsewhere.

(Read the full report here. A 451 Research subscription is required but a free trial is available here)