Qualys TotalCloud 2.19.0 Release Updates

Shrikant Dhanawade
Shrikant Dhanawade, Director, Product Management, Cloud Security
- 5 min read

Table of Contents

Release Availability: Early November 2025

Overview

The Qualys TotalCloud 2.19.0 release introduces new enhancements across Cloud CNAPP capabilities. These enhancements improve integration depth, data accuracy, and operational visibility, helping organizations maintain consistent control and compliance across multi-cloud environments.

Cloud Connector Enhancements

We continually refine Qualys cloud connectors to better support your evolving integration needs. This release enhances connector management, onboarding, and configuration workflows to simplify integration and improve visibility across connected environments.

1. Connector Management Dashboard

Qualys has introduced a dedicated Connector Management Dashboard, offering a unified, real-time view of connector health and coverage across all cloud platforms. This interactive dashboard consolidates key metrics and operational insights to help teams monitor integration status, optimize connector usage, and identify configuration gaps.

Key Capabilities:

  1. Unified visibility of your cloud connectors: View total connector counts, organizational associations, and platform-specific distributions (AWS, Azure, GCP, OCI).
  2. Operational health: Monitor connector status and availability to maintain stable integrations.
  3. Detailed insights:
    – Top connector capabilities in use
    – FlexScan statistics and remaining CSPM quotas
    – Connectors linked to public assets
    – Resources involved in attack paths
    – Resource creation and deletion patterns
    – Summaries of vulnerabilities and misconfigurations

Available through the Qualys TotalCloud portal, the dashboard enables faster triage, data-driven prioritization, and better governance of complex multi-cloud estates.

Connector Management Dashboard

2. Three-Step Onboarding for Cloud Organizations

The connector onboarding experience has been redesigned for speed and simplicity. With just 3 steps, administrators can now configure organization- or tenant-level connectors during initial setup, streamlining visibility and hierarchy creation.

Key Improvements:

  • Organization-level setup from the start—no additional configuration required.
  • Immediate visibility across all accounts and resources upon onboarding.
  • Faster time-to-value through a guided, simplified process.
Organization Connector – New UI

3. Overrides for Organization Connector Configurations

Qualys TotalCloud now allows granular overrides of organization-level connector settings on individual member connectors. This flexibility lets teams fine-tune configurations for compliance or regional needs without disrupting centralized policies.

Capabilities include:

  • Customizing the connector name, description, polling frequency, and regions.
  • Restoring the organization to its defaults at any time through the restore operation.
  • Currently supported for AWS connectors, with other platforms to follow.

This feature balances local configuration control with consistent organizational governance.

Override Connector Configuration

CSPM Enhancements

New capabilities improve control evaluation depth, coverage, and reporting accuracy across compliance workflows.

1. Enhanced Evidence Details for Control Evaluation

The Evidence Details view has been upgraded to offer deeper insight into control evaluations. Teams can now track historical results, understand compliance state transitions, and improve audit traceability.

Enhancements include:

  • New fields showing previous and current evaluation states.
  • A “Current/Previous result and Since” field to indicate timeline and duration.
  • “Expected” and “Actual” results for clear pass/fail validation.

These updates improve the accuracy of reporting and support faster investigation and remediation validation.

Evidence Details

2. Detect When No Resource Exists

A new option in QFlow Custom Control Evaluation is introduced through a simple checkbox, allowing a control to automatically fail when no applicable resources are found.

Benefits:

  • Prevents silent passes and explicitly surfaces coverage gaps.
  • Consolidates results at the account level for broader posture assessment.

This ensures full visibility into both configuration coverage and resource applicability.

3. Extended Inventory of AWS AI Services

Cloud providers offer a fast-growing array of AI services, and now Qualys TotalAI helps you keep them secure. TotalCloud has expanded Cloud Inventory to automatically discover and track key AWS AI services and their models, delivering deeper visibility, governance, and control across your AI landscape.

This release adds inventory support for:

  • Bedrock Foundation Models
  • Bedrock Custom Models
  • Bedrock Knowledge Bases
  • Amazon SageMaker Models

With unified asset context and critical security findings from Qualys TotalAI, you can quickly identify exposure, prioritize remediation, and maintain a compliant, well-governed AI footprint on AWS.

4. GCP Cloud Run Services Inventory Support

Support for GCP Cloud Run Services ensures accurate discovery and classification of serverless workloads as Google transitions from Cloud Functions to Cloud Run.

Benefits:

  • Complete inventory of Cloud Run workloads.
  • Consistent asset categorization across environments.
  • Continuous tracking to maintain compliance and visibility.

This enhancement improves inventory precision, closes visibility gaps, and maintains comprehensive coverage across GCP environments, enabling teams to monitor, govern, and secure Cloud Run workloads with confidence.

5. Reporting Enhancements: ARN Precision and Deleted-Resource Visibility

Two powerful upgrades to CSPM assessment and CSV reports streamline tracking, correlation, and auditing.

  • ARN details for AWS resources: Reports now include the full Amazon Resource Name (ARN) for each AWS asset, providing a unique, standardized identifier. This makes it easier to correlate findings with the AWS Console, APIs, and third-party tools—no more relying solely on ambiguous resource IDs.
  • “Deleted from Cloud” status: A new column flags resources that have been removed at the cloud provider level. When a resource is no longer present, the report displays “True,” providing teams with clear visibility into lifecycle events, enabling them to distinguish between active and deleted assets, reduce scan noise, and maintain cleaner inventories.

Together, these enhancements improve traceability, accelerate remediation, and support precise, audit-ready reporting.

CWPP Enhancements

This release improves auditability and event traceability for agentless and snapshot-based cloud scans.

Enhanced Auditing with Snapshot-Based Scan Event Logs

Qualys TotalCloud supports multiple cloud vulnerability scanning methods, Qualys Agents, API-based scans, Cloud Perimeter Scans, and Snapshot-Based Scans, helping teams choose the right approach across platforms. This release introduces centralized event logging for Snapshot-Based Scans, giving teams full visibility into scan activity and performance.

Capabilities:

  • Logs initiation time, completion status, and error events.
  • Aggregates all scan events into a single, searchable log stream.
  • Enables easier debugging, monitoring, and workflow optimization.

This centralized visibility supports stronger audit readiness and more efficient scan operations.

What’s Next

Use these enhancements to strengthen visibility, control, and automation across your multi-cloud environment with Qualys TotalCloud.

Resources

Share your Comments

Comments

Your email address will not be published. Required fields are marked *