Qualys Vulnerability Signature, version 2.4.815-2, will include EOL QIDs (detections for end-of-life software) for Windows 7, Windows 2008, and Windows 2008 R2. Customers will be able to scan the QIDs shown below using Qualys Vulnerability Management (VM):
QID 105859 – EOL/Obsolete Operating System: Microsoft Windows 2008 R2 Detected
QID 105858 – EOL/Obsolete Operating System: Microsoft Windows 2008 Detected
QID 105793 – EOL/Obsolete Operating System: Microsoft Windows 7 Detected
Qualys is introducing the ability to download data from your vulnerability management dashboards. With Qualys Vulnerability Management Dashboards, you can use Qualys Query Language (QQL) to query the data in your subscription and build vulnerability- and asset-centric dashboards that show your exposure to individual vulnerabilities, groups of vulnerabilities, or vulnerabilities with specific attributes, like new patch available found within the last 30 days.
With the new download feature, you can now download this data into a CSV file for additional manipulation outside the platform.
Update January 17, 2020: A new detection in Qualys Web Application Scanning was added. See “Detecting with Qualys WAS” below.
Citrix released a security advisory (CVE-2019-19781) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability allows an unauthenticated remote attacker to execute arbitrary code on the system. Once exploited, remote attackers could obtain access to private network resources without requiring authentication.
Two new built-in widgets for detecting the GravityRAT and GhostSecret advanced threats are now available in Qualys Indication of Compromise (IOC). These threats are of specific concern because they target industries like finance, entertainment, telecommunication and healthcare, and have the capability to exfiltrate data as well as cause extensive damage to the affected systems. Importing these widgets into your dashboard gives 2-second visibility across your enterprise to identify assets affected by these threats.
In order to determine the impact of Spectre/Meltdown and track remediation progress across your entire environment, it is important to visualize vulnerability detections in a dynamic dashboard. For more information on Spectre and Meltdown, please see our previous blog.
Using Qualys AssetView, we have created a dashboard with preloaded widgets that can help track remediation progress as you patch against Spectre and Meltdown. These widgets were built with out-of-the-box functionality, and can be imported into any Qualys subscription.
As we’ve discussed in this blog series on automated IT asset inventory, having — or regaining — unobstructed visibility of your IT environment is key for a strong security and compliance posture.
We met Max, the CISO of a large manufacturer, whose organization progressively lost this visibility, as it adopted cloud computing, mobility, virtualization, IoT and other digital transformation technologies.
With the company’s IT environment upended and its network perimeter blurred, Max and the InfoSec team recovered control with a cloud-based, automated IT asset inventory system. This successful solution featured six key elements. In the previous posts, we addressed the first three:
Many customers that use the Qualys Cloud Platform for vulnerability management are also using Splunk Enterprise to collect their security and compliance data. Thanks to the new Qualys VM App for Splunk Enterprise with the included Qualys Technology Add-on (TA), customers can monitor and evaluate real-time threat alerts and analysis through a single dashboard. With this unified perspective, customers achieve a more complete picture as well as a streamlined workflow – across their entire infrastructure.