Qualys TotalCloud 2.16.0 Release Updates
The Qualys TotalCloud 2.16.0 version introduces new capabilities, features, and updates. The release will be available by end-May 2025.
CSPM Enhancements
Event-based Inventory updates (deleted events)
To strengthen security posture assessments in highly ephemeral cloud environments, we’re introducing a new integration with AWS EventBridge as part of our continuous Cloud Security Posture Management (CSPM) improvements. This enhancement enables real-time tracking of “delete events,” ensuring that CSPM maintains an accurate and current view of your cloud inventory, even as resources are deleted/terminated.
With this integration, CSPM now monitors 26 highly ephemeral AWS services, enabling it to assess the security posture of dynamic environments more effectively. By identifying and removing deleted or terminated resources in real time, this update helps reduce noise, eliminate stale findings, and sharpen focus on what truly matters.
We’re committed to expanding this capability to support additional cloud events and services in future releases.
Management of Suspended AWS Accounts
Qualys has enhanced its handling of AWS accounts in the suspended state. Previously, connectors for permanently deleted AWS accounts showed an error state in the Qualys platform because of missing authentication details. Now, AWS accounts suspended by your teams (for 90 days prior to permanent deletion) will have their associated connectors marked as disabled in the Connectors module.
This improvement addresses customer requests for clearer visibility into connector status and more efficient management of deactivated accounts.
Alert Rule for OCI Cloud Misconfigurations
We are now extending the Alert Rule functionality to send alerts related to OCI Cloud misconfigurations. You can now configure alert rules to send OCI misconfigurations to email, PagerDuty,
We are consistently improving our OCI offerings to bring comprehensive coverage across all of the top 4 cloud providers supported by TotalCloud. With this functionality, you can create alert rules through the rule manager to send alerts over various channels, so you can efficiently manage and address Oracle Cloud misconfigurations and streamline operational and compliance processes.
OAuth 2.0 Auth Support for TotalCloud REST API
Our APIs now integrate OAuth 2.0 authentication standards, significantly enhancing security and offering standardized, secure access methods. This new feature enables clients to authenticate and authorize API interactions using widely recognized and robust authentication protocols. Additionally, our platform now supports passwordless authentication mechanisms, simplifying the process for programmers and developers to meet their OpenID Connect (OIDC) authentication requirements.
With OAuth 2.0 support, you can expect a more secure, flexible, and seamless experience when accessing our APIs.
Support for New Mandates and Version Upgrades
Qualys TotalCloud rigorously adheres to cloud security best practices and continuously monitors compliance through versatile reporting and CIS benchmarks.
Compliance with various industry mandates is crucial for many regulated businesses. TotalCloud CSPM now supports the new mandates outlined in the table below.
New Mandates
Mandate Name | Publisher | Version |
California Consumer Privacy Act of 2018 (SB-1121) | California State Legislature, USA | Effective January 1, 2020 |
US Gramm Leach Bliley Act (GLBA) | Federal | September 2004 |
Microsoft Cloud Security Benchmark | Microsoft | v1 |
Australian Signals Directorate Information Security Manual (ISM) | Australian Cyber Security Center (ACSC) | June 2024 |
CIS Controls Version 8.1 | Center for Internet Security (CIS) | v8.1 |
The Network and Information Systems (NIS 2 Directive) (EU) 2022/2555 | European Parliament | 2022/2555 |
Upgraded Mandate Versions
Mandate Name | New version | New Name | Publisher |
NIST Special Publication 800-171 | Rev. 3 | NIST Special Publication 800-171 | National Institute of Standards and Technology (NIST) |
SWIFT Customer Security Controls Framework – Customer Security Programme v2021 | Version 2024 | SWIFT Customer Security Controls Framework – Customer Security Programme v2024 | Society for Worldwide Interbank Financial Telecommunication (SWIFT) |
Australian Signals Directorate – Essential Eight Maturity Model | November 2023 | The Australian Signals Directorate – The Essential 8 Strategies (ASD 8) | Australian Cyber Security Center (ACSC) |
Deprecated Mandates
Mandate Name | Version | Publisher |
Cybersecurity Maturity Model Certification (CMMC) Level 3 | v1.02 (18 March 2020) | US Government – Office of the Under Secretary of Defense for Acquisition & Sustainment – OUSD(A&S) |
Cybersecurity Maturity Model Certification (CMMC) Level 4 | v1.02 (18 March 2020) | US Government – Office of the Under Secretary of Defense for Acquisition & Sustainment – OUSD(A&S) |
Cybersecurity Maturity Model Certification (CMMC) Level 5 | v1.02 (18 March 2020) | US Government – Office of the Under Secretary of Defense for Acquisition & Sustainment – OUSD(A&S) |
Cybersecurity Maturity Model Certification (CMMC) Level 2 | v1.02 (18 March 2020) | US Government – Office of the Under Secretary of Defense for Acquisition & Sustainment – OUSD(A&S) |
Cybersecurity Maturity Model Certification (CMMC) Level 1 | v1.02 (18 March 2020) | US Government – Office of the Under Secretary of Defense for Acquisition & Sustainment – OUSD(A&S) |
Payment Card Industry Data Security Standard (PCI-DSS) v3.2.1 | v3.2.1 | PCI Security Standards Council |
ISO/IEC 27001:2013 | Edition 2013-11 | Joint Technical Committee (JTC) 1/SC 27 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) |
CWPP Enhancements
Shift Left in Vulnerability Management – Scan AWS Images (AMIs)
We are adding a feature that automatically scans and assesses Amazon Cloud Machine Images (AWS AMIs) for vulnerabilities, enabling early detection of potential security issues in the deployment lifecycle. This shift-left approach empowers our customers to improve their cloud security by adopting a proactive methodology. By leveraging Qualys’ comprehensive AMI scanning, customers can identify security risks, misconfigurations, and outdated packages, thereby reducing the attack surface and ensuring a secure cloud environment.
With this feature, customers can proactively identify and remediate risks, freeing up their team to focus on innovation. Qualys’ AMI scanning goes beyond basic vulnerability assessments, incorporating configuration analysis and continuous monitoring to provide a comprehensive security posture. By using only secure, compliant images in their cloud environments, customers can minimize potential attack surfaces, ultimately enhancing their overall cloud security and compliance.
The feature will be enabled with Qualys Flow 1.15.1.
Secret Detection in Snapshot-Based Scan for AWS Cloud
Leveraging snapshot-based scanning, Qualys TotalCloud now extends the vulnerability assessment to scan for exposed secrets across AWS cloud environments. This approach allows organizations to proactively prevent unauthorized access and data breaches by identifying and mitigating vulnerabilities before they can be exploited.
Additionally, by automating the detection process, businesses can streamline their security operations, reduce the risk of human error, and focus more on innovation and growth. With this enhanced capability, organizations can confidently safeguard their critical assets and maintain compliance within their cloud infrastructure.
The feature will be enabled with Qualys Flow 1.15.1.
Zero-touch Perimeter Scan for GCP Cloud Connectors
We are enhancing our VMDR Cloud Perimeter Scan feature for GCP Cloud by introducing zero-touch configurations for all existing and new cloud accounts onboarded to the Qualys platform. This extension ensures that your cloud environments are automatically configured without the need for manual setup, simplifying the integration process and reducing administrative overhead.
With this improvement, you can concentrate on managing and mitigating vulnerabilities of publicly exposed cloud assets instead of worrying about their configurations. By automating configuration management, our solution allows you to maintain a secure and efficient cloud infrastructure, enabling you to focus on what matters most: protecting your assets and driving your business forward.
The feature will be enabled with Enterprise TruRisk™ Platform Release 10.34.
CDR Enhancements
CDR Event Integration with MS Sentinel
Enhance your organization’s security posture by seamlessly integrating TotalCloud’s Cloud Detection and Response (CDR) events with Microsoft Sentinel. This integration provides comprehensive visibility across cloud environments and streamlined incident management. It enables proactive threat detection and rapid response to cloud-based attacks, including identity-based threats and lateral movements.
By consolidating threat events from TotalCloud’s CDR module into Microsoft Sentinel’s unified platform, organizations can improve operational efficiency, reduce response times, and strengthen their overall defense against evolving cyber threats in cloud environments.
Resources
- De-risk your cloud with TruRisk Insights, one prioritized view of risk so you can fix what matters most first! Learn more about TotalCloud CNAPP.
- Online Help for TotalCloud, Connectors, TotalCloud API User Guide
- How-to Training Videos
- If you have questions, please contact your TAM or Qualys Technical Support