After the publication of Golden AMI Pipeline integration with Qualys, some Qualys customers reached out asking how to integrate Qualys Vulnerability Management scanning into other types of CI/CD Pipelines. To answer these questions, we’ve published the new guide, Assess Vulnerabilities and Misconfiguration in CI/CD Pipelines.
The upcoming release of the Qualys Cloud Platform (VM, PC), version 8.21.2, includes several new features in Qualys Cloud Platform and support for multiple technologies in Qualys Policy Compliance. The 8.21.2 release is scheduled to go live on 16th Sept, 2019.
Cisco published an update for Cisco IOS XE operating system to patch a critical vulnerability that could allow a remote attacker to bypass authentication on devices running an outdated version of Cisco REST API virtual service container.
The security issue is tracked as CVE-2019-12643 and has received a maximum severity rating score of 10 based on CVSS v3 Scoring system.
This new release of the Qualys Cloud Platform (VM, PC), version 8.20.1, includes support for new technologies and platforms, addition of new technology for Windows UDCs as well as an update in an existing option name (“Scan agent hosts in my target”) in the Launch Vulnerability Scan page.
A vulnerability affecting the official Alpine Docker images version >=3.3 contains a null password for the root user. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container that utilize Linux PAM, or some other mechanism that uses the system shadow file as an authentication database, may accept a NULL password for the root user.
This new release of the Qualys Cloud Platform, version 126.96.36.199, includes the new look for the App Picker, new technology support for Unix UDCs, and error code/text for errors that occur during control evaluation.
The Qualys Training team has expanded the AssetView & Threat Protection course, and added two new training series: CertView and Troubleshooting Scanner Appliance Error Codes.
These new additions build on last month’s update, when we introduced the new Vulnerability Management learning path, which takes you from the fundamentals through advanced topics, and ensures you have a complete foundation in Qualys technology.
The Qualys Training team brings you these updates to help you learn quickly how to get the most value from your Qualys subscription. Read on for more detail on what’s new this month.