It is January 2015 and the week before the year’s first Patch Tuesday. Microsoft should have posted their first Advance Notification (ANS) kicking off the patch cycle. But a new year brings many changes and the Advanced Notification is affected by one of them. Microsoft will stop providing the ANS information to the general public and parties interested will have to ask for the it through their account manager. Hmmh, I personally have always thought that our customers were interested in the information contained in ANS, but we will see how that works out.
This new release of the Qualys Cloud Suite includes multiple improvements to Vulnerability Management and Policy Compliance.
- Qualys Cloud Platform Updates
- New Getting Started Tutorials
- Forgot Password Workflow
- Expired Password Options
- Ability to Delete Empty Networks
- Cisco IOS Authentication – Support for Cyber-Ark PIM Suite Vaults
- Run Scheduled Reports on Demand
- Download Email List from Distribution Group
- General UI Improvements
- New Authentication Vault API
- Vulnerability Management (VM) Updates
- Policy Compliance (PC) Updates
Qualys Cloud Suite 8.3 will be released in production in the coming weeks and includes enhancements to Vulnerability Management (VM) and Policy Compliance (PC), the Qualys Cloud Platform and the API.
For release notifications containing details specific to each platform, including the release date, and to subscribe to release notifications for your platform, please see the following:
- US Platform 1 Release Notification
- US Platform 2 Release Notification
- EU Platform Release Notification
This new release of the Qualys Cloud Suite of Security and Compliance Applications includes multiple improvements to Vulnerability Management and Policy Compliance designed to improve ease of use, add reporting options and features, and expand platform support including compliance scanning for Amazon EC2.
Feature highlights include:
- Asset Tag Support in Remediation Policies in Vulnerability Management
- Policy Library and Reporting Improvements in Policy Compliance
- Compliance Scanning support for Amazon EC2 in Policy Compliance
- Several core improvements including:
- New Authentication Dashboard with drill down support
- Account Activity page
- Customizable report footers
- Improved date picker
- Notification improvements
- Platform support for Microsoft IIS 8
QualysGuard 8.0 adds the following capabilities to the QualysGuard Cloud Platform and its suite of services:
- Featured Enhancement: Overlapping IP support
- Vulnerability Management
- Improvements to the SSL Certificates List
- Configure Multiple PCI Option Profiles
- Security Risk Score Summary Added to XML and CSV Reports
- Policy Compliance
- Golden Image Policy Organized Into Sections
- Select Individual IPs for Your Policy Reports
- Control Checksum Requirement Removed from Policy XML
- QualysGuard Platform
- New Look and Feel for QualysGuard Express
- Improved IP Selection
- QualysGuard API Enhancements
Qualys will decommission its legacy platform scan distribution service, "Dispatcher", in favor of New Scanner Services, which has been in operation since 2010. The vast majority of user subscriptions have already been migrated to New Scanner Services, and Qualys will now begin a final push to migrate all remaining subscriptions. The migration action requires no user action and is non-disruptive except in special circumstances, as described below.
This document outlines the process that will occur and provides guidance on what to expect. If you have further questions, you may contact your Qualys reseller contact; your Qualys account manager; and/or Qualys support. Details about the migration schedule are at the end of this blog post.
An update to QualysGuard 7.12 will be released in production in the coming weeks to introduce improvements to the QualysGuard Cloud Platform and API:
- New Permission to Manage External IDs
- Dissolvable Agent Per Scan
- QualysGuard API Enhancements
Update: Also see details on the update to QualysGuard 7.12.
QualysGuard 7.12 will be released in production in the coming weeks and includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API.
Highlights include: new Certificate (SSL) Dashboard, new VM Authentication Report, Test Control function in the Policy Editor, and API enhancements.
The new QualysGuard Vulnerability Notification feature allows you to configure QualysGuard to send email notifications to users about new and updated vulnerabilities in the QualysGuard KnowledgeBase. An update to QualysGuard 7.11 will be released in production in the coming weeks to introduce this feature.
QualysGuard 7.11 will be released in production in the coming weeks and includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API.
Highlights include: ability to rerun a report, new “Host Scan Date” filter and “Vulnerability Fixed On” date filter for the vulnerability scorecard report, and API enhancements.
QualysGuard 7.10 will be released in production in the coming weeks and includes enhancements to QualysGuard Cloud Platform, Vulnerability Management (VM), Policy Compliance (PC) and API.
New QualysGuard Express Lite
The new service offering QualysGuard Express Lite for SMBs is launched with this release.
QualysGuard Cloud Platform Enhancements
Redesigned Application Picker: In this release, the application picker has been redesigned with a new look & feel to clearly show to users the various applications available in their subscriptions.