This new patch release of the Qualys Cloud Suite, version 8.9.1, includes updates for Cloud-based scanner deployments, VM Reporting Enhancements, and expanded platform coverage for PC.
Cloud Platform: Added EC2 Proxy Server support for the connector and the ability to identify the provider for scanners deployed in cloud environments such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform.
Vulnerability Management: Improvements from customer requests for a number of VM Reports and ability to set reopen date for Remediation Tickets.
Policy Compliance: Expanded platform coverage for Microsoft IIS 10, Pivotal Webserver 6, Docker and Windows Server 2016.
Qualys Cloud Platform
- Provide Amazon EC2 API Proxy Information – You can now edit your scanner appliance in the Qualys UI to provide details about the proxy server to be used to connect to your Amazon EC2 API endpoints. This option is only available for EC2 scanners.
- View Platform Provider Information – When you have a virtual scanner that’s been deployed in a cloud environment, we’ll now show the platform provider in the scanner appliance details. For example, we’ll show platform providers like Amazon EC2, Microsoft Azure and Google Cloud Platform.
Qualys Vulnerability Management (VM)
- Choose CVSS Version for reports – While creating new report templates, you can choose to display the CVSS score for specific CVSS versions, such as CVSS version 2 or CVSS version 3. Selecting All (default) will display scores for both CVSS versions.
- Exclude Account ID from report filename – By default we’ll include the user’s account login ID in the filename of reports you choose download. Now you have the option to exclude the account login ID from the filename.
- Set Date to Reopen Remediation Tickets – We now provide a date picker option to set a date for the remediation tickets to be reopened. You can preconfigure the date while you create or edit a policy rule or you could also edit an existing remediation ticket (only for closed/ignored status).
- Ignored Vulnerability Scorecard Report – Previously the Ignored Vulnerability scorecard report showed a maximum of 10K rows. With this release this limit is removed
Qualys Policy Compliance (PC/SCAP)
- Expanded Platform Support – We’ve extended our platform support to include the latest versions of:
- Microsoft Internet Information Services (MS IIS) Web Server version 10
- Pivotal Web Server 6.x Support
- Docker Authentication support for Application Records – We now support compliance scans for Docker versions from 1.9 to 1.12, running on Linux hosts. Simply create a new Docker authentication record with details about your installation. Unix authentication is required so you’ll also need a Unix record for the host running the Docker.
- Windows Server 2016 User Defined Control (UDC) Support – We’ve added Windows Server 2016 support to the existing UDC’s.
For more details about the above features – please review the attached release notes: qualys-891-release-notes.
Platform release dates will be published on the Qualys Status page when available