All Posts

89 posts

Qualys Cloud Platform 8.21.7 New Features

The upcoming release of the Qualys Cloud Platform (VM, PC), version 8.21.7, will include new features in Qualys Cloud Platform and Qualys Policy Compliance. This release will also add new technology support for Riverbed SteelHead RiOS in Qualys Policy Compliance via Qualys Out-of-Band Configuration Assessment (OCA).

This release is scheduled to go live across the shared platforms starting November 26, 2019.

Continue reading …

Policy Compliance Library Updates, October 2019

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices.

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The October release includes the following new policy and updates:

  • 2 new technologies for OCA
  • 7 new technologies for Scanner
  • 10 new CIS Benchmark policies
  • 3 new browser policies for Cloud Agent
  • 11 new Industry and Best Practice policies
  • 1 new DISA STIG policy
  • 1 Microsoft Security Baseline policy
  • More than 100 updated policies

Qualys’ Certification Page at CIS has been updated.

Continue reading …

Qualys Cloud Platform 8.21.6 New Features

The upcoming release of the Qualys Cloud Platform (VM, PC), version 8.21.6, will include several new features in Qualys Cloud Platform, Vulnerability Management, and Policy Compliance. 8.21.6 will also add support for multiple technologies in Qualys Policy Compliance.

This release is scheduled to go live across the shared platforms starting November 15, 2019.

Continue reading …

Graboid: Revenge of the Worms

This week saw news of self-propagating worms in the container landscape to perform unsanctioned computation tasks such as cryptojacking. This blog post is intended for Qualys customers and partners to understand how such container attacks work, provide security best practice recommendations & walkthrough related Qualys product portfolio functionality.

Continue reading …

Qualys Cloud Platform 8.21.2 New Features

This new release of the Qualys Cloud Platform (VM, PC), version 8.21.2, includes Virtual Scanner Appliance support for Alibaba Cloud Compute, scheduling of EC2 scans with no scannable EC2 assets in Asset Tags in Qualys Vulnerability Management, expanded support for instance discovery and auto record creation in Qualys Policy Compliance, compliance support for Oracle 19c, and more.

Continue reading …

Assess Vulnerabilities, Misconfigurations in CI/CD Pipeline

After the publication of Golden AMI Pipeline integration with Qualys, some Qualys customers reached out asking how to integrate Qualys Vulnerability Management scanning into other types of CI/CD Pipelines. To answer these questions, we’ve published the new guide, Assess Vulnerabilities and Misconfiguration in CI/CD Pipelines.

Continue reading …

Qualys Cloud Platform 8.21.2 New Features

The upcoming release of the Qualys Cloud Platform (VM, PC), version 8.21.2, includes several new features in Qualys Cloud Platform and support for multiple technologies in Qualys Policy Compliance. The 8.21.2 release is scheduled to go live on 16th Sept, 2019.

See full 8.21.2 new features blog post for additional details on this release.

Continue reading …

Policy Compliance Library Updates, July 2019

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS and application vendors and other industry best practices. 

In order to keep up with the latest changes in security control requirements and new technologies, Qualys publishes new content to the Policy Library every month.

The July 2019 release includes the following new policy and updates:

  • 13 updated policies
  • 11 new technologies
  • 6 new DISA STIG policies
  • 1 new Industry and Best Practice policies
  • 1 Microsoft Security Baseline policy

Continue reading …

FedRAMP ConMon – Efficiently & Effectively Managing SLAs for RA-5d Requirement

Are you a FedRamp-certified organization looking to more effectively maintain your FedRAMP status? There are tools available to help simplify the process and while the process involves some terminology, it is easily understood as outlined below. Additionally, it is supported by pre-built dashboards in the Qualys Cloud Platform that help organizations meet SLAs for required remediations.

Continue reading …

Qualys Cloud Platform (VM, PC) 8.21 New Features

This new release of the Qualys Cloud Platform (VM, PC), version 8.21, adds new technologies and platforms, and support for scanning ESXi hosts on vCenter for vulnerabilities.

Continue reading …