This release of the Qualys Cloud Platform version 2.36 includes updates and new features for AssetView (Cloud Assets and Cloud Agents) and Web Application Scanning, highlights as follows.
AssetView Rules for Cloud Assets and Cloud Agents
- Rule-Based Method to Purge/Uninstall Cloud Assets and Cloud Agents (BETA) – User-defined scheduled and on-demand rules to purge Cloud Assets (for supported Cloud Connectors, AWS initially) and uninstall/purge Cloud Agents based on the terminated state of the cloud instance or time since last check-in or vulnerability scan. Customers requesting this feature should contact Support to enable for their subscription.
Web Application Scanning
- Custom Scan Intensity – A new option has been added to the WAS option profile that allows you to specify the number threads and the delay between requests that the scanner should use.
- New Permission – A new WAS permission (“View Password in Authentication Record”) has been implemented in the Administration module that disallows viewing of WAS authentication record credentials.
- Mapping of Burp Issues – Both severity and confidence level of imported Burp issues are now considered when mapping them to the Qualys WAS rating system.
- Sort Scheduled Scans by Next Date – On the Schedules list in the Malware Detection module, now you can now click the Next Date column to sort scheduled malware scans by launch date.
API updates are also included with this release:
The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.
For more details about the above features – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Suite Release Notes page.