A new release of the Qualys Cloud Suite, version 8.8, is targeted for release in July and includes updates for usability and functionality across the platform as well as Vulnerability Management and Policy Compliance.
Cloud Platform: Asset Search has been improved making it easier to find, report and take actions on assets via the Asset Search Report. Several improvements to enforce security levels for Windows authentication were added, along with new options for scanner replacement, IPv6 Configuration, and stored data retention.
Vulnerability Management: Several exciting new features are available in VM in this release including CVSS version 3 and the ability to close vulnerabilities for “dead hosts” following a scan. Additional attributes are now available when downloading KnowledgeBase and in Vulnerability Notifications.
Policy Compliance: We are continuing the expansion of application technology assessment with the addition of Oracle WebLogic, IBM HTTP Server 8, IBM WebSphere 8, and assessment for Checkpoint Firewall. Improvements have been made to Exception Management, and it’s now easier to associate Cloud Agent assets with Policies. We’ve also included several improvements to the User Defined Controls and released the new Windows Group Membership UDC.
Qualys Cloud Platform
- Improvements to Asset Search – You can download and take actions from the Asset Search report.
- Windows Authentication – Enforce versions supported for SMB, Kerberos and NTLM Authentication to improve security as you phase out the older protocols.
- Enhanced Authentication Messages – It’s now easier to determine the cause when authentication failures occur.
- New Replace Scanner Options – You can now decide when to define new or copy old configurations when upgrading.
- Increased Storage Option – Allow you to set automatic purging options for 1-13 months of data retention for scan and map results when using auto-delete feature.
- Create IPv6 Asset Groups without Scanner Appliances – If you’re using IPv6, you can now define IPv6 Asset Groups without defining a scanner appliance allowing you to determine which scanner to use at scan time. (IPv6 must be enabled in your account)
Qualys Vulnerability Management (VM)
- Close Vulnerabilities on Dead Hosts option – You can now quickly close vulnerabilities for hosts that have been removed in your environment if not found alive after a predefined number of scans. (This option must be enabled in your subscription)
- CVSS v3 – We now display the CVSS v3 base and temporal scores for vulnerabilities assigned to CVEs by NIST in vulnerability reports, search lists, and in the KnowledgeBase.
- Additional attributes have been added to Vulnerability Notification CSV as well as KnowledgeBase downloads in XML and CSV format.
Qualys Policy Compliance (PC/SCAP)
- Improvements to Exception Assignments – the list of assignees is now restricted to those with rights to the assets when performing bulk exception requests.
- Support for Agent IP’s in Compliance Policy – It is now much easier to use Policy Compliance with Cloud Agents. You can easily report on agent hosts in Policy Compliance by selecting include agent host option in your policies and then leveraging agent tracking in PC features and reports.
- User Defined Control improvements: Handling “Item not Found” option – decide how to interpret UDC results when an item configured in the UDC is not found on a targeted host.
- New Windows Group Membership User Defined Control – Set up a Group Membership Check UDC to list the members of a local group
- New Technologies Supported for WMI Query Check UDC now support Windows 2003 and 2008 Active Directory servers.
- New Technologies Supported – Checkpoint Firewall, Oracle WebLogic Server, IBM HTTP Server 8/IBM WebSphere 8.
For more details about the above features – please review the attached release notes: qualys-880-release-notes.
For details on API changes in this release, please review:
Platform release dates will be published on the Qualys Status page when available.