Qualys Cloud Platform 8.21.2 New Features

This new release of the Qualys Cloud Platform (VM, PC), version 8.21.2, includes Virtual Scanner Appliance support for Alibaba Cloud Compute, scheduling of EC2 scans with no scannable EC2 assets in Asset Tags in Qualys Vulnerability Management, expanded support for instance discovery and auto record creation in Qualys Policy Compliance, compliance support for Oracle 19c, and more.

Feature Highlights

Qualys Cloud Platform

Virtual Scanner Appliance Support for Alibaba Platform – Qualys now supports the Qualys Virtual Scanner Appliance on Alibaba Cloud Compute.

To download virtual scanner images from the Qualys UI, go to Vulnerability Management > Appliances > New > Virtual Scanner Appliance and then click Download under “Download Image Only”. The Available Distributions list will now include the new Alibaba Marketplace Image.

Qualys Vulnerability Management (VM)

  • Schedule an EC2 Scan with no scannable EC2 Assets in Asset Tags – Users with the role of an Account Manager or a Unit Manager can now schedule an EC2 scan even if the asset tags don’t resolve to hosts at the time of scheduling. This enables users to go ahead with a scheduled scan in spite of the unresolved asset tags. During the scan, asset tags with no scannable assets are skipped; if new hosts that match the asset tags show up later, they will be scanned automatically as per the schedule.

To schedule an EC2 scan, go to Scans > Schedules and in the New menu, select Schedule EC2 Scan.


Qualys Policy Compliance (PC)

Expanded Support for Instance Discovery and Auto Record Creation – Instance discovery and auto record creation is now supported for IBM WebSphere App Server and JBoss Server. This was previously supported for Apache Web Server.

The following capabilities are now available for IBM WebSphere App Server and JBoss Server:

  • Support for scanning multiple instances running on the same host, and when hosts have varying configurations.
  • 2-phased scanning process. First, a discovery scan finds IBM WebSphere/JBoss instances, consolidates instance data, and creates/updates auth records in the user’s account. Then an assessment scan uses the records saved in the user’s account for control evaluations.
  • New option profile settings allow you to achieve the following:
    • Enable instance discovery and auto record creation
    • Include system-created records for scans
    • Determine whether to send system records or user records when there are 2 records for the same instance configuration.
  • Compliance scan results show a list of instances discovered by the scan when the instance discovery and auto record creation feature is enabled for the scan. Compliance assessment data is not collected during instance discovery scans.
  • New system-created auth records. Auto-created authentication records have the owner “System”. These records cannot be edited by users.
  • You can enable IBM WebSphere/JBoss records for authenticated scanning, i.e. set as Active, or disable this, i.e. set as Inactive.

For more information, search the help for “System Authentication Records.” For details on API changes, please see the Qualys API Release Notes.

Support for Oracle 19c – Qualys has extended its support for Oracle authentication to include Oracle 19c. Users need an Oracle authentication record to authenticate to an Oracle database instance running on a Unix or Windows host and scan it for compliance.
To authenticate, do the following:

    • Go to Scans > Authentication.
    • Make sure that you have a Unix or Windows record already defined for the host running the database.
    • Click New > Oracle Record to create an Oracle record for the same host.

Once authentication is done, users can see the Oracle 19c host technology in compliance reports, in compliance scan results, in the technologies list while creating a policy, and while searching for controls by technologies.

Scan Results Shown for SUSE 11.x from Cloud Agent Scans – Users can now get scan results for SUSE 11.x from Cloud Agent scans if the technology is selected in the UDC. This applies to all Unix UDCs.

Ubuntu 14.x and SUSE 12.x added to the Unix Directory Check UDC – Qualys now supports 2 new technologies in the Unix Directory Check UDC – Ubuntu 14.x and SUSE 12.x. These technologies are now supported by agent scans for all Unix UDCs.

New Technologies Supported in Compliance Scans for Unix Hosts – Qualys now supports 2 new host technologies, Elasticsearch and Apache Kafka, in compliance scans for hosts running on the Unix platform. Elasticsearch and Apache Kafka information is displayed for scanned hosts in Compliance scan reports and Authentication reports when the applications are found on the scanned hosts.
Note: Users need a Unix authentication record for the hosts running Elasticsearch and Apache Kafka.

Support for New OCA Technologies – With this release, Qualys adds support for the following new technologies on assets for which data is collected using Out-of-Band Configuration Assessment (OCA) tracking:

  • Cisco FTD 6
  • Cisco WLC 8

Support for Red Hat Fedora 30 – Qualys has extended its support for Policy Compliance (PC) scans to include Red Hat Fedora 30. This new support is covered under the existing technology name “Red Hat Fedora”.

View History of Control Status Changes – With this release, users can view the scan dates when control status changes occur. For a control with a status of “Pass”, users can view the first and last scan dates when the control passed. Similarly, for a control with a status of “Fail”, users can view the first and last scan dates when the control failed.

This information is displayed on the Control View tab and in Policy Reports (depending on template settings).

One response to “Qualys Cloud Platform 8.21.2 New Features”

  1. This is good to hear. Also wish there was an easy way to just show the “Latest Control Value” found across all assets but include the history of such changes within the asset itself.

    View History of Control Status Changes – With this release, users can view the scan dates when control status changes occur. For a control with a status of “Pass”, users can view the first and last scan dates when the control passed. Similarly, for a control with a status of “Fail”, users can view the first and last scan dates when the control failed.
