Qualys TotalCloud 2.17.0 Release Updates
The Qualys TotalCloud 2.17.0 version introduces new capabilities, features, and updates. The release will be available by the end of June 2025.
Extending Attack Path for Azure Cloud
With the 2.15.0 release, we introduced Attack Path in Qualys TotalCloud, powered by TruRisk™ Insights for AWS, offering a powerful new way for enterprises to visualize cloud resource compliance and clearly trace risks stemming from vulnerabilities, threats, and misconfigurations. This innovative feature enables organizations to see exposure paths, break down risk chains, and strengthen their security posture.
Building on this momentum, we are now bringing Attack Path to Azure, empowering customers with multi-cloud TruRisk Insights and enhanced risk visualization. This extension ensures organizations can prioritize and address risks in Azure more effectively, reinforcing our commitment to delivering a unified, prioritized perspective on the most critical cloud security risks across environments.
TotalCloud CSPM Integration with ServiceNow Configuration Compliance (CC)
We are excited to announce the integration of TotalCloud CSPM with ServiceNow Configuration Compliance (CC), bringing together unified compliance and security visibility across your entire cloud ecosystem. This partnership streamlines compliance management, automates workflows, and eliminates the need for manual reconciliation. By mapping exposure relationships and delivering comprehensive risk context, organizations can rapidly remediate configuration issues and break potential compromise chains, ensuring proactive and continuous compliance.
This powerful integration offers several key benefits, including simplified vulnerability, misconfiguration, and compliance management for faster issue resolution. Enhanced risk visibility allows teams to identify and prioritize threats, including complex toxic risk combinations, using complete context from both cloud and host configurations. Additionally, a compliance-centric approach helps automate policy checks, leveraging compliance-mapped findings from Qualys CSPM in ServiceNow CC, and reducing manual compliance efforts across your multi-cloud environment.
TotalCloud CSPM Integration with Jira Projects
We are also extending TotalCloud CSPM to integrate with Jira, a solution designed to empower your security teams with clear, actionable insights while enhancing the workflow. This strategic alliance automatically generates prioritized security tickets in Jira, efficiently guiding your teams through risk mitigation processes.
By synchronizing TotalCloud CSPM with Jira, we equip our customers with a refined mechanism to track and manage configuration risks promptly and effectively. The integration utilizes existing workflows to prioritize security tasks within Jira, seamlessly transforming risk management and fortifying your security posture.
CSPM Enhancements
Asset and Connector Tags override via REST APIs
With the TotalCloud 2.13.0 and 2.15.0 releases, we introduced the ability to update tags on connectors created through organization connectors via the UI, greatly simplifying asset organization. Now, this tagging capability is extended via REST APIs, enabling customers to programmatically manage and customize tags for enhanced cloud asset management.
By leveraging these REST APIs, users can now efficiently override asset and connector tags through automated workflows. This not only ensures accurate asset categorization across your cloud environment but also streamlines tag administration, boosting operational efficiency and making compliance management more seamless.
Azure AI Services Inventory Support
Cloud providers offer a wide array of AI services to address diverse use cases. Qualys TotalAI scans these AI services and models to identify critical security findings. TotalCloud now expands its Cloud Inventory to include various Azure AI services and their models, providing customers with enhanced visibility and control.
This update underscores our dedication to delivering the most comprehensive and accurate Cloud AI Security Posture Management. By continuously expanding our coverage, we empower organizations to secure their AI deployments effectively.
Enhanced Policy Selection in Report Creation
Report configurations now feature an updated policy selection process during report creation. This ensures comprehensive retrieval and display of all relevant policies, streamlining user selection.
Users can also efficiently search for specific policies using various tokens and include them in report configurations. This enhancement offers a superior user experience through quick and targeted policy selection.
Expansion of Event-based Inventory updates (deleted events)
With the 2.16.0 release, we introduced integration with AWS EventBridge to monitor cloud events related to deleted resources. Now, this capability has been expanded to support 28 additional AWS services, offering broader and more comprehensive coverage.
This enhancement enables real-time identification and removal of deleted or terminated resources, ensuring cleaner and more accurate security assessments. By eliminating outdated findings and focusing on active risks, organizations can maintain a sharper and more effective security posture in dynamic environments.
CDR Enhancements
Public API to Fetch CDR Findings
Qualys TotalCloud introduces public APIs for CDR findings, enabling seamless integration of threat data into existing security ecosystems. This enhancement allows automated ingestion and response workflows in SIEMs, SOARs, and custom platforms. Organizations can now pull CDR insights directly into their security tools, improving visibility and accelerating incident response. This integration enhances proactive threat monitoring across dynamic cloud environments.
Extend CDR Capabilities to Containers
With Container Runtime Security (CRS), the CDR platform now supports real-time, process-level monitoring of live containers. This feature detects anomalous behavior and suspicious activities by establishing behavioral baselines for each container. Organizations can continuously monitor, detect, and respond to threats as they occur, helping prioritize high-risk containers. This capability reduces attack surfaces in dynamic cloud-native environments.
Exception Handling
Enhanced exception handling allows customers to manage known threats more efficiently by adding findings to customizable exception lists. Users can make exceptions based on compliance requirements or risk-based decisions, significantly reducing false positives and alert fatigue. This ensures CDR delivers high-fidelity, actionable findings while maintaining focus on real threats. By eliminating unnecessary noise, organizations maintain a stronger security posture in evolving cloud infrastructures.
Resources
- TotalCloud™ – The Risk-minded CNAPP. Learn more about TotalCloud CNAPP.
- Online Help for TotalCloud, Connectors, TotalCloud API User Guide
- How-to Training Videos
- If you have questions, please contact your TAM or Qualys Technical Support.