Qualys Cloud Suite 8.7 New Features

This new release of the Qualys Cloud Suite, version 8.7, includes updates for usability and functionality across the platform as well as Vulnerability Management and Policy Compliance.  This release is scheduled to go live in March and release dates for each platform will be published on the Qualys Status page when finalized.

Cloud Platform: Several new core improvements have been implemented in this release to improve security of authentication. We also added improved scanner license tracking to make it easier to see how many licenses are active, available, and connected – each broken out by scanner type.

Vulnerability Management: The Scan and Patch reports have been updated making patch reporting more accurate and simplifying reporting on superceded patches. A number of improvements to usability have been included, such as refreshing the Most Vulnerable Hosts List, adding the ability to select a single scanner appliance for scans, and allowing removal of host IPs from VM only.  We’ve enhanced certificate detection and added details to several reports such as the ability to show vulnerabilities in the KB that are supported on by the Qualys Cloud Agent.

Policy Compliance: It’s now faster and easier to configure new controls as you build custom policies and expand existing policies to cover new technologies. We’ve added Copy Control Settings, so you don’t have to configure each control manually. You can copy settings from the library, another policy in your account, or an older version of the technology in the same policy.   Usability improvements have been made to the UDCs, sharing of reports with other users, and similar to VM, host IP removal in PC only. Platform coverage is also updated in this release, adding coverage for DB2 10.x and Oracle 12c.

Feature Highlights

Qualys Cloud Platform

• Require SMB Signing for Windows Authentication
• SAML Support for SHA256 Signature Algorithm
• View Scanner License Count
• Administration Utility in the Module Picker

Qualys Vulnerability Management (VM)

• Quickly Identify SHA1 Certificates
• Easily Identify Vulnerabilities Supported by Module
• Select Single Scanner Appliance for Scans
• Host Counts Added to Scan Results Appendix
• Scan Reports – Exclude Superceded Patches
• Patch Reports – New Patch Evaluation Method
• Ability to Remove Host IPs from the VM module only
• Improvements to scan reports with trending
• Improved Remediation Ticket Search
• New Refresh Option for Most Vulnerable Hosts List

Qualys Policy Compliance (PC/SCAP)

• Copy Control Settings
• Unix Directory Search Check – Find files without certain permissions
• Make reports available to other users
• Ability to Remove IPs from the PC module only
• New Technologies Supported – IBM DB2 10.x and Oracle 12c

For more details about the above features – please review the attached release notes: QWEB_FO_870_Release_Notes.

Platform release dates will be published on the Qualys Status page when available.