Qualys Cloud Platform 2.33 New Features

Chris Carlson
Chris Carlson, VP of Cloud Agent, Qualys
- 5 min read

Last updated on: June 1, 2020

This release of the Qualys Cloud Platform version 2.33 includes the release for CertView, plus updates and new features for AssetView, Cloud Agent, EC2 Connector, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows.  (This posting has been edited to include an update to WAS that is available in a patch release.)

CertView

  • Create a baseline inventory of certificate and TLS configurations – CertView lets you discover, inventory and monitor certificates as well as TLS configurations and vulnerabilities
  • Detect expired/expiring certificates – Stop expired and expiring certificates from interrupting critical business functions
  • Identify out-of-policy certificates – CertView identifies out-of-policy certificates with weak signatures or key lengths, and shows you how many unique Certificate Authorities were found in the environment and how many certificates were issued by each one
  • Grades to determine the strength or weakness of TLS configurations – CertView generates certificate instance grades that allows administrators to assess often overlooked server SSL/TLS configurations without having to become SSL experts. Certificate grades reflect the strength of the underlying application or service configuration, and pinpoint specific configuration settings that highlight the use of best practices or lack thereof
  • Leverage existing investment in scanners – Existing Qualys customers who already have scanners deployed for Vulnerability Management can use the same scanners to collect all certificate and TLS configuration data
  • Free for internet-facing sites – You can scan all your internet-facing assets for free. You can extend this inventory and assessment to internal assets and certificates by upgrading to a full version of CertView.

AssetView

  • Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Instance Metadata – Instance identity metadata for Cloud Agents deployed in supported public clouds are indexed and searchable using existing (AWS) and new (Azure, GCP) search tokens with instance information displayed in new tab in Asset Details.  Requires Cloud Agent Linux 1.7 or later and Cloud Agent Windows 2.1 or later.
  • Permissions for Dashboards –  Three new permissions are available to allow or prevent a user to add, edit, and delete dashboards. These permissions can be set in the Administration module for each user role.

Cloud Agent

  • Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Instance Metadata – Instance identity metadata for Cloud Agents deployed in supported public clouds are indexed and searchable using existing (AWS) and new (Azure, GCP) search tokens with instance information displayed in new tab in Asset Details.  Requires Cloud Agent Linux 1.7 or later and Cloud Agent Windows 2.1 or later.

EC2 Connector

  • Support for Cross-Account Role Authentication – This allows you to grant Qualys access to your AWS EC2 instances without sharing your AWS security credentials. Qualys will access your AWS EC2 instances by assuming the IAM role that you create in your AWS account. This eliminates the overhead of management of IAM user keys in your Qualys subscription.

Security Assessment Questionnaire

  • Question Bank – We now provide a question bank mapped to the 2018 Shared Assessments Standardized Information Gathering (SIG) Questionnaire (2018 SIG). A user can select questions from this bank while creating a template.
  • Adding Questions across Library Templates – While creating a template, a user can select sections and/or questions  from a library template

Web Application Scanning

  • Option Profile Details – scan reports now provide a full snapshot of the option profile settings that were used for the scan.  Previously, only the name of the option profile was provided.
  • Status of Running Scan – more details are now displayed about the status of a running scan.  This includes current scan phase (crawling, testing, etc), the number of AJAX links and XHR requests, and a total of timeouts and errors that have been encountered.
  • Retest Multiple Findings – from the detections list, you can now perform a retest on multiple findings, as long as they are for the same QID and same web app.
  • Retesting Filter – a new filter has been added to the detections list, allowing you to quickly view findings that are being retested.
  • Case-Insensitive Sorting – a new option is available under Global Settings to enable case-insensitive name sorting throughout WAS.
  • More Granular Schedule Filters – new filters have been added to the web application list to help you quickly find web apps that have – or don’t have – a scan scheduled.
  • Results for Cancelled Scans – you can now elect to have partial scan results available when cancelling a WAS scan.  Once a scan has been running for 15 to 20 minutes, a new option under the Quick Actions menu called “Cancel Scan with Results” will be available.  If selecting this option, you can view a report for the scan even though it did not complete.  (Currently available in a 2.33 patch release.)

Web Application Firewall

  • WAF available as Docker Container – expanded platform support to support web application firewall in container environments
  • HTTP Header Manipulation – Custom Rules now allow inserting, rewriting or stripping headers into HTTP responses
  • Security Policy Sliders – Four categories have been added to the manual security policy in order to better control the sensitivity of the inspection engine: Relative Path Overwrite, XML injection, Expression Language Injection and Code Injection sliders are now configurable through manual policies.
  • Appliance Upgrade – Ability to trigger system upgrades per appliance, in addition to the cluster upgrade, allowing more control over upgrades
  • UI/UX improvements – This release contains several improvements for configuration deployments, events presentation, and navigation simplification of configuration objects.

API Updates

API updates are also included with this release:

Qualys Cloud Platform 2.33 API Notification 1
Qualys Cloud Platform 2.33 API Notification 2

The specific day for deployment will differ depending on the platform.  Release Dates will be published on the Qualys Status page when available.

For more details about the above features – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Suite Release Notes page.

Share your Comments

Comments

Your email address will not be published. Required fields are marked *