Qualys Community

How Policy Compliance Plays a Mitigation Role to Protect Your System

Vulnerabilities can be serious threats. Once found, system administrators try everything to restore security, such as patching and mitigating. Patching is always the first choice since it’s normally the definitive way to resolve the vulnerability. However, system administrators will sometimes need to mitigate, especially in two cases:

Case 1. A patch has not been released by the vendor.
Case 2. Patching the vulnerability isn’t a high priority in the customer’s environment but still needs to be addressed.

Many vulnerabilities can be mitigated by changing a specific configuration setting in the OS or application. In this blog post, I use HTTPoxy as an example of how Qualys Policy Compliance can play an important role in this type of mitigation by identifying and reporting on all your systems that don’t have the desired configuration.

Mystery Magic Bytes From The Equation Leak

A few days ago, a mysterious online group called Shadow Brokers claimed to have stolen US “cyber weapons” from a hacking team called Equation Group. These “cyber weapons” contain about a dozen vulnerabilities, which are believed to be exploits used by the National Security Agency (NSA). In this blog, I will analyze the shellcode from the Cisco exploit and show its behind-the-scenes behavior.

Qualys Cloud Platform 2.16 New Features

A new release of the Qualys Cloud Platform (AssetView 2.16, Cloud Agent Platform 1.7.0) includes several new features for AssetView, ThreatPROTECT and Cloud Agent.

Equation Group Hack: Cisco ASA and FortiGate Vulnerabilities

By now you must have heard about the Equation Group hack, Shadow Brokers, the NSA ANT catalog and an entire gamut of information. Here I will provide an update on what we have confirmed and how it affects your patching effort.

Qualys Cloud Platform 2.15 New Features

A new release of the Qualys Cloud Platform (AssetView 2.15, Cloud Agent Platform 1.6.0) includes several new features for AssetView and support for additional operating systems for Cloud Agent.

The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.

Microsoft Patch Tuesday August 2016

It's August 2016 Patch Tuesday and Microsoft has released nine security bulletins that affect a host of components including desktop operating systems, browsers, fonts and servers. Five updates are rated as critical while four are rated as important.

WAS 4.9 Introduces Global Exclusion Lists and Scan Comparison Feature

We are pleased to announce Qualys Web Application Scanning 4.9 (WAS) featuring customized global exclusion lists and enhanced reporting with a new, quick and easy scan comparison feature to help you meet your web application scanning needs and meet your business objectives even quicker.

Testing AJAX Applications with JSON Input for Vulnerabilities Using Qualys WAS

Qualys Web Application Scanning 4.9 has added the capability to run web app vulnerability scans on AJAX applications that use JSON input. Specifically, WAS 4.9 can test for SQL injection (SQLi), local file injection (LFI) and PHP command injection. Many web application scanners are capable of detecting SQL injection, LFI, PHP command injection and other vulnerabilities in web applications that use standard GET/POST requests, but they fail to find the same in applications that use JSON input in POST data. To analyze and detect vulnerabilities in JSON requests, WAS 4.9 added the capability to execute some AJAX scripts in automatic scanning without manual intervention. This capability relies on the SmartScan feature, which customers need to enable in their subscriptions.

TLS Version Intolerance in SSL Pulse

You often hear that TLS is the most important security protocol. Usually, the reasoning is that it’s very widely deployed and also that it works for many higher-level protocols. That’s certainly true, but for those who work more closely with these protocols there is another important aspect: we can learn so much about protocol design by carefully examining the evolution of TLS.
