Tag: rpt | Qualys Blog

New EOL QIDs for Microsoft Windows 7 and 2008/R2

Posted by Animesh Jain in Qualys Technology on February 7, 2020

Qualys Vulnerability Signature, version 2.4.815-2, will include EOL QIDs (detections for end-of-life software) for Windows 7, Windows 2008, and Windows 2008 R2. Customers will be able to scan the QIDs shown below using Qualys Vulnerability Management (VM):

QID 105859 – EOL/Obsolete Operating System: Microsoft Windows 2008 R2 Detected
QID 105858 – EOL/Obsolete Operating System: Microsoft Windows 2008 Detected
QID 105793 – EOL/Obsolete Operating System: Microsoft Windows 7 Detected

1 Comment
Permalink
Tags: dashboard, eol, esu, microsoft, ms, qid, rpt, vm, windows

Actionable Searching and Data Download with Vulnerability Management Dashboards

Posted by Felix Jimenez in Qualys Technology on February 4, 2020

Qualys is introducing the ability to download data from your vulnerability management dashboards. With Qualys Vulnerability Management Dashboards, you can use Qualys Query Language (QQL) to query the data in your subscription and build vulnerability- and asset-centric dashboards that show your exposure to individual vulnerabilities or groups of vulnerabilities or vulnerabilities with specific attributes, like new patch available found within the last 30 days.

With the new download feature, you can now download this data into a CSV file for additional manipulation outside the platform.

No Comments
Permalink
Tags: #VisualizeDataNotCSVs, dashboard, notification, reporting, rpt, vm

Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Posted by Animesh Jain in Qualys Technology, Security Labs, The Laws of Vulnerabilities, Web Application Security on January 8, 2020

Update January 17, 2020: A new detection in Qualys Web Application Scanning was added. See “Detecting with Qualys WAS” below.

Citrix released a security advisory (CVE-2019-19781) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability allows an unauthenticated remote attacker to execute arbitrary code on the system. Once exploited, remote attackers could obtain access to private network resources without requiring authentication.

During the week of January 13, attacks on Citrix appliances have intensified. Because of the active attacks and the ease of exploitation, organizations are advised to pay close attention.

No Comments
Permalink
Tags: assetview, citrix, dashboard, rpt, tp, vm, vulnerability, was, web application scanning

Free Training: New Certified Learning Paths

Posted by Nick Dlouhy in Qualys News, Qualys Technology on March 18, 2019

The Qualys Training team is eager to share all of the recent additions to our free training program, as well as provide insight into what is coming in 2019. You can expect to see regular updates as we continue to improve our training offerings!

It is our mission to help Qualys customers and partners become more familiar with the entire portfolio of Qualys Cloud Apps, learn key workflows and adopt best practices. To help guide you, we are creating Learning Paths which take you from fundamentals through advanced topics, and ensure you have a complete foundation in Qualys technology.

All Posts

New EOL QIDs for Microsoft Windows 7 and 2008/R2

Actionable Searching and Data Download with Vulnerability Management Dashboards

Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Free Training: New Certified Learning Paths