All Posts

7 posts

New EOL QIDs for Microsoft Windows 7 and 2008/R2

Qualys Vulnerability Signature, version 2.4.815-2, will include EOL QIDs (detections for end-of-life software) for Windows 7, Windows 2008, and Windows 2008 R2. Customers will be able to scan the QIDs shown below using Qualys Vulnerability Management (VM):

QID 105859 – EOL/Obsolete Operating System: Microsoft Windows 2008 R2 Detected
QID 105858 – EOL/Obsolete Operating System: Microsoft Windows 2008 Detected
QID 105793 – EOL/Obsolete Operating System: Microsoft Windows 7 Detected


Actionable Searching and Data Download with Vulnerability Management Dashboards

Qualys is introducing the ability to download data from your vulnerability management dashboards. With Qualys Vulnerability Management Dashboards, you can use Qualys Query Language (QQL) to query the data in your subscription and build vulnerability- and asset-centric dashboards that show your exposure to individual vulnerabilities, groups of vulnerabilities, or vulnerabilities with specific attributes, such as those with a new patch available that were found within the last 30 days.

With the new download feature, you can now download this data into a CSV file for additional manipulation outside the platform.


Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Update January 17, 2020: A new detection in Qualys Web Application Scanning was added. See “Detecting with Qualys WAS” below.

Citrix released a security advisory (CVE-2019-19781) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability allows an unauthenticated remote attacker to execute arbitrary code on the system. Once exploited, remote attackers could obtain access to private network resources without requiring authentication.

During the week of January 13, attacks on Citrix appliances have intensified. Because of the active attacks and the ease of exploitation, organizations are advised to pay close attention.


Get Emerging Threats Visibility with Qualys IOC Widgets

Two new built-in widgets for detecting the GravityRAT and GhostSecret advanced threats are now available in Qualys Indication of Compromise (IOC). These threats are of specific concern because they target industries like finance, entertainment, telecommunication and healthcare, and have the capability to exfiltrate data as well as cause extensive damage to the affected systems. Importing these widgets into your dashboard gives 2-second visibility across your enterprise to identify assets affected by these threats.


Visualizing Spectre/Meltdown Impact and Remediation Progress

In order to determine the impact of Spectre/Meltdown and track remediation progress across your entire environment, it is important to visualize vulnerability detections in a dynamic dashboard. For more information on Spectre and Meltdown, please see our previous blog.

Using Qualys AssetView, we have created a dashboard with preloaded widgets that can help track remediation progress as you patch against Spectre and Meltdown. These widgets were built with out-of-the-box functionality, and can be imported into any Qualys subscription.


Making Asset Inventory Actionable With a Cloud-Based System

As we’ve discussed in this blog series on automated IT asset inventory, having — or regaining — unobstructed visibility of your IT environment is key for a strong security and compliance posture.

We met Max, the CISO of a large manufacturer, whose organization progressively lost this visibility, as it adopted cloud computing, mobility, virtualization, IoT and other digital transformation technologies.

With the company’s IT environment upended and its network perimeter blurred, Max and the InfoSec team recovered control with a cloud-based, automated IT asset inventory system. This successful solution featured six key elements. In the previous posts, we addressed the first three:

This means that you need a complete and continuously updated list of IT assets, as well as granular security, compliance and system details on each one.

In this post, we’ll explain the next two requirements for an effective cloud-based IT asset inventorying system:

  • Asset criticality rankings
  • Dashboarding and reporting


New Qualys App for Splunk Enterprise Delivers Real-time Dashboard and Analytics for Security and Compliance Data

Many customers that use the Qualys Cloud Platform for vulnerability management are also using Splunk Enterprise to collect their security and compliance data. Thanks to the new Qualys VM App for Splunk Enterprise with the included Qualys Technology Add-on (TA), customers can monitor and evaluate real-time threat alerts and analysis through a single dashboard. With this unified perspective, customers achieve a more complete picture as well as a streamlined workflow – across their entire infrastructure.
