QualysGuard 7.13 New Features

Christophe Delaure

Last updated on: September 6, 2020

QualysGuard 7.13 expands its support in Vulnerability Management (VM) for scanning printers, routers and other embedded devices. And a powerful, new Scorecard Report in Policy Compliance (PC) consolidates results across policies and technologies into concise, at-a-glance charts for tracking progress in management reviews and helping individual teams see how they compare against others.

Highlights include: Vulnerability Scorecard Report updates, New Compliance Scorecard Report, MS SQL Authentication – Auto Discover Database Instances, and multiple API enhancements.

QualysGuard 7.13 will be released in production in the coming weeks and includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, QualysGuard Cloud Platform and API. Details about the release schedule are at the end of this blog post.

QualysGuard Vulnerability Management (VM)

New Support for HTTP Authentication

You now have the option to choose HTTP authentication for vulnerability scans. Use HTTP authentication for scanning protected portions of web sites and devices like printers and routers that require HTTP protocol level authentication. (Note that this is not Form-based authentication.) By authenticating we can perform additional vulnerability tests that we couldn’t do otherwise.
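One way to tell which kind of login a target presents before creating the record, as an added example (not from the original post and not Qualys code). The sample responses and the `classify_auth` helper are constructed for illustration.

```python
import re

# Constructed sample responses (not captured from any real device).
PRINTER_401 = (
    "HTTP/1.1 401 Unauthorized\r\n"
    'WWW-Authenticate: Digest realm="printer", nonce="abc123", qop="auth"\r\n'
    'WWW-Authenticate: Basic realm="printer"\r\n'
    "Content-Length: 0\r\n\r\n"
)
PORTAL_FORM = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n\r\n"
    '<form action="/login" method="post">'
    '<input name="user"><input type="password" name="pw"></form>'
)


def classify_auth(raw_response):
    """Return ('http', [schemes]), ('form', []) or ('none', []).

    'http' means protocol-level authentication: a 401 status plus at least
    one WWW-Authenticate challenge. 'form' means an HTML password field,
    which an HTTP authentication record does not cover.
    Assumes one challenge per WWW-Authenticate header line.
    """
    head, _, body = raw_response.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split()[1])
    schemes = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "www-authenticate":
            # The scheme is the first token of the challenge.
            schemes.append(value.strip().split(None, 1)[0].lower())
    if status == 401 and schemes:
        return "http", schemes
    if re.search(r'<input[^>]+type=["\']?password', body, re.I):
        return "form", []
    return "none", []


if __name__ == "__main__":
    print(classify_auth(PRINTER_401))
    print(classify_auth(PORTAL_FORM))
```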

Vulnerability Scorecard Report – More Date Ranges for Vulnerability Age

We’ve enhanced the Vulnerability Scorecard Report to include more date ranges for showing vulnerability counts by age. We’ll show you the total number of vulnerabilities that are less than 30 days old, 31-60 days, 61-90 days, 91-180 days, 181-270 days and 271-365 days.

Remediation Reports – Updated Calculation for Average Resolution

In your remediation reports you’ll see a value for average resolution (Avg. Resolution). The way we calculate the average has changed. We now include:

  1. tickets that moved directly from Open to Closed state by the service, and
  2. tickets that were previously marked Resolved (by a user) and are now marked Closed/Fixed.

In past releases we only considered tickets that had been marked Resolved.

QualysGuard PC Enhancements

New Compliance Scorecard Report

This release introduces the Compliance Scorecard Report – a new template-based compliance report that allows you to:

– Report on multiple policies in a single report (up to 20 policies)

– Report your compliance score across selected policies for specific environments (up to 10 asset groups or asset tags)

– View current compliance status by policy, by asset group/tag and by technology

– Include a breakdown of compliance status changes over a period of time

– Get a list of the top hosts and controls that changed during your selected timeframe

Screenshots: Scorecard Template; Report example – Summary; Policies Overview.

MS SQL Authentication – Auto Discover Database Instances

MS SQL authentication now has the ability to discover the database name, database instance and ports. Choose the new auto discover option(s) when you set up your MS SQL authentication records, and the QualysGuard platform will find all matching instances on the target hosts.

When using this option you can simply build one authentication record for multiple IPs instead of one per instance/database/port and IP.

Apache Web Server Authentication – Support for Multiple Instances

This release supports authentication to multiple Apache instances on the same host. This means you can create multiple Apache Web Server authentication records with the same IP address defined – as long as the path to the configuration file is unique.

Policy Report – Control References Added to CSV and XML Formats

You can add references to your controls by using the new policy editor or by editing control details. With this release you can choose to create policy reports with your custom control references in CSV and XML formats. (Note that control references were already available in PDF and HTML reports.)

QualysGuard Cloud Platform

Authentication Records – Improved Method for Adding IP Addresses

The Authentication Record IP address selection has been simplified. You now have a simple text field where you can directly enter or paste IPs and IP ranges, or you can select the IPs/Ranges link for a list of IPs you can add to the record.

Enforce Auto Delete Storage Settings

With this release the Manager Primary Contact has the ability to enforce certain storage settings across all users in the subscription. For example, if your corporate policy is that scan results should never be deleted, then the Manager Primary Contact would clear the “Automatically delete scan results” check box and select “Apply these settings to all users”. Other users’ storage settings will be replaced with the settings made by the Manager Primary Contact and these settings will not be editable.

CSV Reports – Option to Hide Header Information

You can now choose to download reports in CSV format without the header information. You can omit the header in all VM reports and PC reports that can be downloaded in CSV format. Basically we’ll include just the central CSV tables containing your security and compliance data, not the metadata.

QualysGuard API Enhancements

The QualysGuard API delivers these new capabilities and enhancements with this release. More information is available in the QualysGuard API community.

  • VM and PC – Using “Report Share” API v2, download CSV reports without headers
  • VM – New “HTTP Authentication” API v2
  • PC – New “Policy Merge” API v2
  • PC – Policy Report XML now includes custom control references
  • PC – “Apache Authentication” API v2 – Support for multiple instances per host
  • PC – “MS SQL Authentication” API v2 – Auto discover database instances

Release Schedule

For release notifications containing details about the release dates for specific platforms and to subscribe to release notifications by email, please see the following:
