This release of the Qualys Cloud Platform version 2.39 includes updates and new features for Out-of-Band Configuration Assessment (OCA), Vulnerability Management, and Web Application Scanning, highlights as follows.
- Trending uses Include/Exclude Filters in Dashboard – Widget trending now supports the recently introduced Include/Exclude filters, for example, excluding Fixed vulnerabilities in trending widgets.
Web Application Scanning
- Enhanced Crawling – A new setting is available in a WAS option profile that can potentially improve scan coverage. With enhanced crawling enabled, the scanner will load and render individual directories associated with the web application. This can lead to discovery of additional content to be scanned.
- Full HTTP Requests – WAS now provides the full HTTP request made by the scanner for certain vulnerability types. This improvement was done to help with reproduction and remediation of scanner findings.
- Default Report Template – When creating a report, the default report template for the report type is now used. For example, when selecting “View Report” from the quick actions menu for a scan, the default template for a scan report will be used. When selecting “View Report” for a web application, the default template for a web application report will be used.
Out-of-Band Configuration Assessment (OCA)
- Updated Description – The description for OCA is changed to “Extend security and compliance to inaccessible asset” to better reflect the enhanced use cases offer by this application.
API updates are also included with this release:
The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.
For more details about the above features – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Suite Release Notes page.