This release of the Qualys Cloud Platform version 2.32 includes updates and new features for AssetView, EC2 Connector, Indication of Compromise, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall. Highlights are as follows.
- AWS EC2 Inventory and Security Dashboard – a new dashboard “AWS EC2 WORKLOAD SECURITY – Overview” is available based on search queries across the different attributes collected for EC2 instances. The dashboard provides visibility into AWS EC2 instances and security posture collected via the EC2 Connector and pre-authorized scanners.
- AWS EU Region (Paris) support – Region Name “EU (Paris)” with Region Code “eu-west-3” is now supported in the EC2 Connector
Indication of Compromise
- Import/Export Dashboards – you can now import and export Dashboards (with corresponding widgets) similar to AssetView
Security Assessment Questionnaire
- New Respondents User Interface – a new user interface for all types of respondents including reviewers and approvers is provided
Web Application Scanning
- Detection Scope Categories – different categories of vulnerabilities can now be selected for detection scope within an option profile. This allows for targeted scans and offers an alternative to using static and dynamic search lists.
- Test Authentication – this new option, if enabled for your subscription, is available from the Quick Actions menu and allows you to quickly test the scanner’s ability to authenticate to a web application [updated Mar 16]
- Exclude Parameters – you can now exclude specific parameters from testing to improve a scan’s efficiency and effectiveness. Exclusions can be defined for URL parameters, request body parameters, or cookies.
- Update to 2017 OWASP Top 10 – identified vulnerabilities are now mapped to the 2017 edition of the OWASP Top 10 replacing the 2013 edition
- New CSV report – a new CSV report (“v2”) has been implemented to include additional columns for each finding
Web Application Firewall
- Virtual Appliance Update – an updated virtual appliance, version 1.4.0, improves performance and introduces support for Microsoft Azure and Google Cloud Platform instances
- Scheduled Software Version Upgrades – you can now schedule automatic upgrades within specific time ranges, allowing you to stay on the latest appliance software version
- Web Services Protection – you can now protect your web services and REST/APIs through a native protection added to the HTTP Profile (see the new “Web Services” section). Support includes a new WAF QID (226022) in addition to all existing QIDs detected within the XML/JSON envelope.
- Custom Responses with Custom Rules – custom response pages can be triggered by custom rules, providing the ability to dissociate responses based on Custom Rule conditions
- Creating Exceptions with Custom Rules – creating exceptions with the custom rule component simplifies the false-positive management process. You can now disable a given QID or a subset of QIDs when it raises a violation that is not legitimate, based on your policy settings.
API updates are also included with this release:
The specific day for deployment will differ depending on the platform. Release dates will be published on the Qualys Status page when available.
For more details about the above features, please review the release notes. Release notes will be posted as soon as they are available on the Qualys Suite Release Notes page.