This release of the Qualys Cloud Platform version 2.44 includes updates and new features for Cloud Agent and Web Application Scanning, highlights as follows.
Cloud Agent User Interface
- “License Overview” changing to “Activation Overview” on Dashboard – The references to License have been changed to Activation to reflect new capabilities where a Cloud App can manage different functional use cases based on different Cloud App licenses. Thus, the admin would “activate” that Cloud App module on the appropriate Cloud Agent(s) while the licenses are managed within the user interface for that specific Cloud App.
Web Application Scanning
- SSL/TLS and Certificate Tests – WAS can now test the SSL/TLS configuration and certificate of the target web application. This includes tests for a wide variety of issues such as weak ciphers, self-signed certificates, known-vulnerable protocols like SSLv3, and vulnerabilities such as Logjam and Sweet32. The relevant QIDs are included in a new detection scope category called “SSL/TLS and Certificate issues”.
- New Detection List Filters – New filters for Finding ID and QID been added to the Detection List to more quickly find what you are looking for. Previously, using the all-purpose Search box was the only way to filter the list to show only a certain finding or only certain QIDs.
- Large Report Notification Message – The WAS UI now displays an error notification message if you try to generate a very large web application report (>500 web apps) that is likely to time out or take an excessive amount of time to generate.
API updates are also included with this release:
The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.
For more details about the above features – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Suite Release Notes page.