Update on RHEL Extended Update Support (EUS) Detection Capabilities 

We want to inform you about an essential update to our vulnerability detection processes within Red Hat Enterprise Linux (RHEL) environments, especially for systems with Extended Update Support (EUS). Our goal is to enhance the accuracy and efficiency of our detections with a performance-oriented approach while ensuring better coverage for all our customers, including those with systems that are not connected to the Internet. Qualys will enhance RHEL Extended Update Support (EUS) detection on April 22, 2024. 

What’s New: 

• Local Data Collection: We’ve shifted our detection logic to fetch data directly from the local system instead of the Red Hat Satellite server or Red Hat Network (RHN). This change significantly reduces the reliance on external connections, making the process more efficient and reducing performance impact. 

• Support for Disconnected Systems: The updated logic fully supports disconnected EUS systems. This means that even if your system isn’t connected to the internet, our service can accurately detect potential vulnerabilities, ensuring no system is unprotected. 

• Enhanced Detection Capabilities: We’ve refined our detection commands and processes. This makes our vulnerability assessments more precise and quicker, enabling us to identify and report more effectively. 

What to Expect:  

With this rollout, customers may notice an uptick in their detection count on RHEL system findings, especially on systems with Red Hat EUS.  

This enhancement is part of our commitment to providing top-level support and coverage for RHEL environments. We aim to improve our service and effectively address the evolving cybersecurity landscape. 

If you have questions, please contact the Qualys support team. 

Thank you for your trust in us.  

Qualys 

FAQ: 

What is the recent enhancement to the RHEL EUS coverage about? 

The recent enhancement to the RHEL EUS coverage involves an update in the detection logic to more precisely and efficiently identify Red Hat EUS systems. This update shifts the reliance from the subscription-manager command to the dnf/yum command. Additionally, this improvement is implemented at a layer above individual QIDs, which aids our scanners, agents, and sensors assess the connection configuration and the device’s environment before executing a QID.

What benefits can we anticipate from the newly implemented logic? 

The enhancement involves the introduction of refined detection capabilities tailored for RHEL EUS environments, both connected and disconnected. It refined detection capabilities engineered explicitly for RHEL EUS environments by leveraging optimized command sets that enhance the detection processes’ performance efficiency and improve the speed of vulnerability identification. 

Will there be observable changes in RHEL system findings following this update? 

Following this update, you may observe changes in your RHEL system findings depending on your configuration. These adjustments are expected to indicate the successful implementation of the new enhancements aimed at enhancing the fidelity and accuracy of the results. We have thoroughly tested the update to ensure a smooth transition and proactively address potential concerns.