This release of the Qualys Cloud Platform version 2.35 includes updates and new features for AssetView, Cloud Agent, Security Assessment Questionnaire, and Web Application Scanning, highlights as follows. (Note: this post has been edited after publishing to remove the Rule-Based Method to Purge/Uninstall Cloud Assets and Cloud Agents, and Azure Cloud Connector, which will be available in a subsequent release.)
- Dynamic Tag Rules supported for Cloud Provider Metadata for Cloud Agents – Dynamic tag rules can now be created based on cloud provider metadata as collected by Cloud Agent running in support public clouds (AWS, Azure, GCP)
- (moved to Cloud Platform 2.36 release) Rule-Based Method to Purge/Uninstall Cloud Assets and Cloud Agents – User-defined rules to automatically purge Cloud Assets (from Cloud Connectors) and uninstall/purge Cloud Agents based on the terminated/deallocated state of the cloud instance or time since last check-in or vulnerability scan
- LastCheckedIn Updated Timestamps – The lastCheckedIn search token’s timestamp is updated based on any Agent Status or agent activity (vulnerability scan, policy compliance scan, manifest downloaded, etc.)
- Cloud Agent List Separates LastCheckedIn and Last Activity – The list of Cloud Agents splits the Status/LastCheckedIn column into two separate dedicated columns, one for Last Activity and one for LastCheckedIn. This provides more granular visibility for agent check-ins and the last activity the agent performed.
Security Assessment Questionnaire
- Import Template from CSV – SAQ templates can now be imported from CSV files, including Question Text, Question Element Types, Mandatory Attachments, Mandatory Comments, and Question ID
Web Application Scanning
- KnowledgeBase Improvements – The KB now provides the associated CWE ID, OWASP Top 10 category, and WASC category for each WAS QID. You can now search the KB by these attributes.
- Time Limit for Ignored Finding – A new option has been added allowing you to specify how long the finding should be ignored.
- More Useful Scheduled Scan Report – You can now select a web application instead of a scan as the target for a scheduled scan report. At report creation time, the most recent scan for that web application will be used as the target.
- Reports include Burp, Bugcrowd Findings – A web application report by default now includes Burp and Bugcrowd findings that have been imported into Qualys WAS.
- Launch Now for a Scheduled Report – A new option has been added to run a scheduled report immediately instead of waiting for its scheduled launch time.
- Custom Report Footer – New functionality is available to display a custom footer on your downloaded PDF and HTML reports. This option is available under “Display” when editing a report or a report template.
- WAS Parameter in Selenium Scripts – You can now insert a WAS parameter in the form @@webappURL@@ to represent the target URL of the web application within a Selenium script. When the script is played at scan time, the WAS scanning engine will replace the parameter with the actual value. This is useful to potentially reduce the number of Selenium auth scripts you have to manage. With single sign-on for example, multiple auth scripts for different web apps are often identical except for an initial open command to the web app’s URL.
- Improved Find–Detections Functionality – When selecting Find–Detections for a web application, the search is now performed using the web app ID instead of name, thus providing more accurate results when web apps with overlapping names exist.
- Virtual Patch Option – The virtual patch option used in conjunction with Qualys WAF is now provided only for WAS QIDs that are virtually patchable.
- Delete a Malware Scheduled Scan – It is now possible to delete a scheduled malware scan from the Malware Detection module that was originally defined from within WAS.
API updates are also included with this release:
The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.
For more details about the above features – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Suite Release Notes page.