QualysGuard 7.13 New Features
Last updated on: September 6, 2020
QualysGuard 7.13 expands its support in Vulnerability Management (VM) for scanning printers, routers and other embedded devices. And a powerful, new Scorecard Report in Policy Compliance (PC) consolidates results across policies and technologies into concise, at-a-glance charts for tracking progress in management reviews and helping individual teams see how they compare against others.
Highlights include: Vulnerability Scorecard Report updates, New Compliance Scorecard Report, MS SQL Authentication – Auto Discover Database Instances, and multiple API enhancements.
QualysGuard 7.13 will be released in production in the coming weeks and includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, QualysGuard Cloud Platform and API. Details about the release schedule are at the end of this blog post.
QualysGuard Vulnerability Management (VM)
New Support for HTTP Authentication
You now have the option to choose HTTP authentication for vulnerability scans. Use HTTP authentication for scanning protected portions of web sites and devices like printers and routers that require HTTP protocol level authentication. (Note that this is not Form-based authentication.) By authenticating we can perform additional vulnerability tests that we couldn’t do otherwise.
Vulnerability Scorecard Report – More Date Ranges for Vulnerability Age
We’ve enhanced the Vulnerability Scorecard Report to include more date ranges for showing vulnerability counts by age. We’ll show you the total number of vulnerabilities that are less than 30 days old, 31-60 days, 61-90 days, 91-180 days, 181-270 days and 271-365 days.
Remediation Reports – Updated Calculation for Average Resolution
In your remediation reports you’ll see a value for average resolution (Avg. Resolution). The way we calculate the average has changed. We now include:
- tickets that moved directly from Open to Closed state by the service, and
- tickets that were previously marked Resolved (by a user) and are now marked Closed/Fixed.
In past releases we only considered tickets that had been marked Resolved.
QualysGuard PC Enhancements
New Compliance Scorecard Report
This release introduces the Compliance Scorecard Report – a new template-based compliance report that allows you to:
– Report on multiple policies in a single report (up to 20 policies)
– Report your compliance score across selected policies for specific environments (up to 10 asset groups or asset tags)
– View current compliance status by policy, by asset group/tag and by technology
– Include a breakdown of compliance status changes over a period of time
– Get a list of the top hosts and controls that changed during your selected timeframe
Report exmaple – Summary
MS SQL Authentication – Auto Discover Database Instances
MS SQL authentication now have the ability to discover the the database name, database instance and ports. Choose new auto discover option(s) when you set up your MS SQL authentication records, and the QualysGuard platform will find all matching instances on the target hosts.
When using this option you can simply build one authentication record for multiple IP instead of one per instance/database/port and IP.
Apache Web Server Authentication – Support for Multiple Instances
This release supports authentication to multiple Apache instances on the same host. This means you can create multiple Apache Web Server authentication records with the same IP address defined – as long as the path to the configuration file is unique.
Policy Report – Control References Added to CSV and XML Formats
You can add references to your controls by using the new policy editor or by editing control details. With this release you can choose to create policy reports with your custom control references in CSV and XML formats. (Note that control references were already available in PDF and HTML reports.)
QualysGuard Cloud Platform
Authentication Records – Improved Method for Adding IP Addresses
The Authentication Record IP address selection was simplified. Users now have a simple text field where you can directly enter IPs and IP ranges or paste them in or simply select IPs/Ranges link for a list of IPs you can add to the record.
Enforce Auto Delete Storage Settings
With this release the Manager Primary Contact has the ability to enforce certain storage settings across all users in the subscription. For example, if your corporate policy is that scan results should never be deleted, then the Manager Primary Contact would clear the “Automatically delete scan results” check box and select “Apply these settings to all users”. Other users’ storage settings will be replaced with the settings made by the Manager Primary Contact and these settings will not be editable.
CSV Reports – Option to Hide Header Information
You can now choose to download reports in CSV format without the header information. You can omit the header in all VM reports and PC reports that can be downloaded in CSV format. Basically we’ll include just the central CSV tables containing your security and compliance data, not the metadata.
QualysGuard API Enhancements
The QualysGuard API delivers these new capabilities and enhancements with this release.More information is available in the QualysGuard API community
- VM and PC – Using “Report Share” API v2 download CSV reports without headers
- VM – New “HTTP Authentication” API v2
- PC – New “Policy Merge” API v2
- PC – Policy Report XML now includes custom control references
- PC – “Apache Authentication” API v2 – Support for multiple instances per host
- PC – “MS SQL Authentication” API v2 – Auto discover database instances
For release notifications containing details about the release dates for specific platforms and to subscribe to release notifications by email, please see the following:
- US Platform 1
- US Platform 2
- EU Platform
- API notifications (for all platforms)
Some great updates in the next release but i especially like the ability to report across multiple policies in POL. Thanks