This release of the Qualys Cloud Platform version 2.37 includes updates and new features for Security Assessment Questionnaire and Web Application Scanning, highlights as follows.
Security Assessment Questionnaire
- Manager access to all active campaigns – Questionnaire Manager role now has access to all active campaigns in the subscription with separate access and update permissions
Web Application Scanning
- External References for Detections – You can now add external references for a WAS vulnerability detection. An external reference is a free-form text field where you can enter an internal bug tracking number or any other information that may be useful. The data is stored and displayed along with the detection details.
- Multi-scan Email Option – A new option has been added for multi-scans. You can now choose to have one “scan complete” email notification for the entire multi-scan. Alternatively, you can elect to have a “scan complete” email sent for each individual scan.
- Message about Qualys WAS Burp Extension – When selecting to import Burp issues into WAS, a popup message is now displayed that recommends using the Qualys WAS Burp extension.
- Clean Up of Old Scans – In the Malware Detection module, the clean-up process for old scans has been improved resulting in fewer old scans and better UI performance. For an enterprise MD subscription, scans with no malware detections by default are deleted after 90 days. For a free MD subscription, scans with no malware detections by default are deleted after 14 days. Scans having detections are kept for 12 months.
API updates are also included with this release (link will be provided when updated).
The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.
For more details about the above features – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Suite Release Notes page.