Qualys Cloud Platform (VM, SCA, PC) 8.14 New Features

This new release of the Qualys Cloud Platform (VM, SCA, PC), version 8.14, includes several new feature improvements across the apps such as Wallix AdminBastion support, EC2 scan improvements, VM reporting improvements, ESX/ESXi PC support for vCenter, PC STIG Report, and expanded technology support for Qualys Policy Compliance.

Feature Highlights

Qualys Cloud Platform

Wallix AdminBastion Vault Support – The Wallix AdminBastion vault is now supported for securing credentials for WIndows and UNIX/Linux scanning. For details on configuring Wallix for your scanning environment, please view the 8.14 release notes on the Qualys Cloud Platform Release Notes page.
Map discovery of vCenter hosts – You can now discover virtualization hosts (ESX/ESXi) when scanning a vCenter server. Discovery via this feature will retain the mapping data, allowing PC scans to assess ESX/ESXi configuration data via vCenter rather than through direct connections to those targets. This reduces network impact and scanning time, allowing more efficient configuration assessment of ESX/ESXi targets. For more information on scanning of ESX/ESXi via vCenter as well as information on the discovery of these targets, please review the 8.14 release notes on the Qualys Cloud Platform Release Notes page.
Support for Scanning Specific Instances in EC2 – Users can now specify specific instances by their id to be scanned when they submit the ec2 scan job. Typically this feature will help in assessing the test instances coming in from a build system AMI, helping analyze for issues allowing for an opportunity to fix issues before the AMI is approved. Support available both in UI and API. Only for on-demand scans and not for scheduled recurring scans. Also available when you resubmit a scan job for any reasons of failure.

Qualys Vulnerability Management (VM)

FR-XML format for Patch Report – You can now generate patch reports in XML format in addition to CSV, PDF, and online HTML reports which were previously supported.

Qualys Policy Compliance (PC/SCAP)

DISA STIG Compliance Report – You can now generate the compliance report in STIG format to view the compliance and security posture of your organization in the terms of Defense Information Systems Agency (DISA) General Secruity Technical Implementation Guides (STIG) reporting requirements.

Qualys PC provides your DISA STIG compliance report in a .csv format. The compliance rating in the report includes the following details:

- Rule severity (High/Medium/Low)
- Count of controls that have passed or failed by the STIG reference number
- STIG reference number in addition to CID
- Rule title from STIG

Scan ESX/ESXi via vCenter – You can now scan ESX/ESXi targets through a vCenter server rather than through direct connections to those targets. This reduces network impact and scanning time, allowing more efficient configuration assessment of ESX/ESXi targets. For more information on scanning of ESX/ESXi via vCenter as well as information on the discovery of these targets, please review the release notes on the Qualys Cloud Platform Release Notes page.
Microsoft SQL Server 2017 – Database assessment of Microsoft SQL Server 2017 is now supported by Qualys Policy Compliance authenticated scans. Library content for is targeted for Q3, dependant on CIS’ release of benchmark for the technology.

Qualys Security Configuration Assessment (SCA)

SCA Agent Support – You can now collect data for configuration assessment via the Qualys Cloud Agent on supported Windows and Linux platforms.

For more details about the above features – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Cloud Platform Release Notes page.