Qualys Blog

www.qualys.com
Tim White

Qualys Cloud Suite 8.10 New Features

This new release of the Qualys Cloud Suite, version 8.10, includes new capabilities and improvements for VM, PC and the shared platform:

  • Authentication Vault integration with BeyondTrust
  • Mandate-Based reporting for Policy Compliance to simplify reporting against multiple mandates and audit frameworks.
  • Expanded support & features for scanning Cloud Environments such as Amazon EC2, Azure, and Google GCE.
  • VM Scanning, Reporting, and SSL Labs Improvements
  • Ability to export/import UDC definitions with Policy XML and Qualys Library Content
  • Policy Compliance support for PostgreSQL and UDC Support for Amazon Linux 2016

Highlights

Qualys Cloud Platform

  • New Authentication Vault for BeyondTrust PowerBroker Password Safe (PBPS) – Our new authentication vault can be used to securely retrieve authentication credentials at scan time, for all authentication record types except Cisco, IBM DB2, Sybase and PostgreSQL.
  • Application & Database Authentication Records – We improved some of our authentication record types to be consistent with the OS authentication records. Authentication Records updated for: VMware, MySQL, Sybase, MS IIS, Apache Web Server, IBM WebSphere App Server, Tomcat Server, Oracle WebLogic Server.
  • More User Details in the Activity Log – The Details section of the Activity Log will now include the user role and user login for new and updated user accounts. You’ll also see these details when the primary contact for the subscription or business unit has changed.

Qualys Scanning in Cloud Environments

  • View Cloud Instance Information for a Scanner Appliance – You can now see detailed information about a scanner appliance in Amazon EC2, Azure, and Google GCE, making it easier to see which environment the scanner is deployed in along with key attributes for each cloud provider to identify and track the scanner appliances.
  • Cross-Region Scanning Support for EC2 Scans – You can now assign a scanner appliance from a different region when scanner appliances in your region are unavailable. We now support availability of scanner appliances across regions.
  • Find EC2 assets in different states – With this release, you can easily find all your Amazon EC2 assets with a particular status (running, terminated, stopped, etc) and take action on them. For example, find EC2 instances that are terminated in order to purge or remove them from your account.
  • Reporting on EC2 Assets – We’ve improved reporting on EC2 assets, using the Qualys UI and API, to help you manage your EC2 assets within Qualys. For EC2 assets, we now report EC2 Instance ID, private DNS name plus EC2 instance information. Additionally, you can include EC2 details in the VM Scan Reports.
  • EC2 Asset Search Improvements – We’ve added a new option to search by EC2 Instance ID, and the DNS Hostname attribute lets you search across private EC2 names.

Qualys Vulnerability Management (VM)

  • Host Alive Testing Option – A new scan option allows you to launch a quick scan to determine which of your target hosts are alive without also performing other scan tests. This lets you complete basic scans and asset record maintenance tasks much faster.
  • CC Option for Notifications – You can now include a CC email address for remediation ticket notifications, allowing you to keep other users such as team managers in the loop on remediation activities.
  • Reporting Improvements –
    • Show Reopened Info in Scan Reports
    • Ability to exclude Glossary Data from XML Scan Report
  • Ticketbleed Vulnerability gets F Grade from Qualys SSL Labs – With this release, servers found vulnerable to Ticketbleed during VM scans get an F Grade from SSL Labs when the SSL Labs feature is enabled for your subscription. This helps you easily identify servers vulnerable to Ticketbleed (CVE-2016-924/CID: 370302). See Also: https://blog.qualys.com/ssllabs/2017/02/23/ticketbleed-detection-added-to-ssl-labs

Qualys Policy Compliance (PC/SCAP)

  • Mandate-Based Reporting – In today’s complex regulatory environment, organizations face the need to implement more controls to comply with multiple, often overlapping, regulatory requirements. Qualys has mapped technical control library controls to control objectives based on NIST 800-53, which are then cross-mapped to common regulatory requirements and audit frameworks.

New Mandate-Based reports leverage these mappings to provide cross-policy, mandate-centric and harmonized compliance reports, making it easier than ever to identify coverage gaps and see how your technical controls are meeting various regulatory requirements. Complex overlapping requirements can be met by leveraging custom internal standards that you define, or by importing out-of-the-box Policy Compliance library content such as Certified CIS Benchmarks, Vendor Recommended Hardening Guidelines, DISA STIGs, and many more!

With leading support for Operating Systems, Network Devices, Applications & Databases, it is now easier than ever to know where your key issues are before your audits. For more information, see the release notes or the Qualys Mandate-Based Reporting blog post.

  • View Remediation Instructions in Reports – You can now include the remediation information for control technologies in compliance reports. For system defined controls, the reports display the remediation information set by Qualys. For user defined controls, the remediation information that you set for each control technology is displayed in the reports. This information can be included in standard report output as well as XML/CSV formats. This will enable you to share remediation instructions with your internal IT admins to speed remediation of compliance failures. Note: Currently, the remediation information is only being added to the CIS and DISA controls.

  • Qualys User Defined Control Import/Export – Qualys User Defined Controls provide a simple way for customers to define controls that are unique to their environment. You can now import and export these control definitions with your policy, making it easier than ever to keep backups, share content, and store policy versions to meet auditor requirements. Additionally, Qualys introduced a new UDC-based control approach, called Qualys Custom Control (QCC), which allows for rapid development of new content leveraging UDC definitions that can be imported directly from the Qualys Policy Library with new content. These controls can be built and delivered faster, allowing Qualys to cover most of your needs with pre-packaged content in the Policy Library. When importing these QCCs, controls will automatically be created in your subscription. We will be releasing policies for CIS for Microsoft Internet Explorer 10, v1.1.0 and CIS for Microsoft Internet Explorer 11, v1.0.0, which contain a combination of library controls and custom controls. Note: Currently the QCCs, like the UDCs, are only supported for scanner-based data collection. In the future, we plan to expand support for the Qualys Cloud Agent.
  • UDC Permissions for Unit Managers – Now Unit Managers may be granted permission to create, update and delete User Defined Controls (UDCs).
  • Increased Scan by Policy Limit – When using the Scan by Policy feature you can now choose up to 20 policies in the compliance option profile. This limit was increased from 10 policies.
  • Platform Support –
    • PostgreSQL – New authentication and instance-based support was added for assessment of PostgreSQL 9.x.
    • UDC for Amazon Linux 2016 – Support has been expanded to cover Linux UDCs on Amazon Linux 2016.

For more details about the above features, please review the release notes. Release notes will be posted on the Qualys Suite Release Notes page as soon as they are available.

Platform release dates will be published on the Qualys Status page when available.
