September 2020 Platform Release: New Templates, Widget Builder, and More

Pronamika Abraham

The Qualys Cloud Platform September 2020 release (Qualys Cloud Platform 3.2.0) includes new features in AssetView, Dashboards, and Web Application Scanning.

Feature Highlights

Qualys AssetView

New Azure Attributes

For Qualys users who use Azure connectors to discover Azure assets in their environment, we have added new Azure attributes that can be leveraged for dynamic tags.

The following are the new Azure attributes:

  • azure.tags
  • azure.tags.name
  • azure.tags.value
  • azure.vm.location
  • azure.vm.macAddress
  • azure.vm.privateIpAddress
  • azure.vm.publicIpAddress
  • azure.vm.resourceGroupName
  • azure.vm.size
  • azure.vm.state
  • azure.vm.subnet
  • azure.vm.subscriptionId
  • azure.vm.imageOffer
  • azure.vm.imageVersion

New Token to Identify Azure Assets

This release adds a new token that makes it easy to identify Azure assets that have the Qualys Cloud Agent installed. Users can use the search token azure.vm.hasAgent with a “True/False” value to define whether the Azure assets have the Qualys Cloud Agent or not.

Tag Re-evaluation Deprecation

The Re-evaluate rule on save checkbox, present in the Tag Rule page of the Tag Creation wizard, will be discontinued from this release onwards. With the deprecation of the option, whenever a new tag is created or an existing tag is modified, the tag rule will be queued for auto-evaluation. Users will no longer be required to manually initiate a rule evaluation. 

In case of any technical issues, users can contact Qualys Support. 

Qualys Dashboards

New Templates in the Out-of-the-Box Template Library

The Templates Library now has three additional templates that give users a single-pane-of-glass dashboard view of assets with specific areas of concern.

The following new templates have been added:

  • Apache Tomcat AJP Ghostcat – This template would help users have a consolidated view of all the Apache Tomcat instances with the Ghostcat flaw.
  • DNS Vulnerabilities View – Using this template, users can gain insight into all the assets that are detected with Windows DNS vulnerabilities.
  • TOP 19 CVEs – This template will enable users to gain instant visibility into the assets with the top 19 highly critical CVEs.

Widget Builder for Frequently Used Queries

The newly added widget builder will allow users to view the frequently used QQL queries, save, and manage them with ease. With the new widget builder, users will have the ability to create widgets from frequently used queries for easy reference in future. 

Ratio Widgets

The new dashboards will help create ratio widgets based on various data points such as CVE, Vulnerability Age, Vulnerability Severity, and so on. This would enable users to plot data as per FedRAMP mandates for better visualization and remediation. The widgets store results up to a maximum of 90 days, which can be utilized to identify trends.

Within the new Widget Builder, users can create ratio widgets based on combined data points such as CVE, Vulnerability Severity, Operating systems and so on. This would enable users to build widgets to track ratios such as the Vulnerable Host Ratio, for better visualization and remediation of the health of their vulnerability program as a metric. The widgets can be used to store results up to a maximum of 90 days, which can be utilized to identify trends.

Qualys Web Application Scanning 

Keyword URL Search

From this release onwards, the Web Application Scanning (WAS) option profile under Search Criteria will allow users to specify up to 10 keywords or regular expressions, which the scanner uses to search URLs for a match. This can be used, for example, to see if any of your web applications are exposing sensitive information in URLs, which would violate the GDPR. Matched URLs will be reported under QID 150141.
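
To show the kind of patterns such a profile could hold, here is an added example (not Qualys code and not the scanner's matching logic) that applies a pattern list, capped at 10 entries, to a list of URLs. The patterns, the sample URLs, the function names and the percent-decoding step are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

MAX_PATTERNS = 10  # the WAS option profile accepts up to 10 keywords or regexes

# Constructed patterns for illustration; adapt them to your own applications.
PATTERNS = [
    r"[\w.+-]+@[\w-]+\.[\w.-]+",                       # e-mail address
    r"(?i)[?&;](password|passwd|pwd)=[^&]+",           # password parameter
    r"(?i)[?&;](token|api_key|session(id)?)=[^&]+",    # credential-like parameter
    r"\b\d{3}-\d{2}-\d{4}\b",                          # US SSN layout
]

# Constructed sample of crawled URLs (example.com hosts, not real findings).
SAMPLE_URLS = [
    "https://shop.example.com/products?id=42",
    "https://shop.example.com/reset?email=alice%40example.com",
    "https://shop.example.com/login?user=bob&password=hunter2",
    "https://shop.example.com/profile/123-45-6789/view",
    "https://api.example.com/v1/orders?api_key=abc123",
]

def compile_patterns(patterns):
    """Enforce the 10-entry limit and fail early on an invalid regex."""
    if len(patterns) > MAX_PATTERNS:
        raise ValueError(f"at most {MAX_PATTERNS} patterns allowed, got {len(patterns)}")
    return [re.compile(p) for p in patterns]

def find_sensitive_urls(urls, patterns=PATTERNS):
    """Return (url, [matching patterns]) for every URL that matches."""
    compiled = compile_patterns(patterns)
    findings = []
    for url in urls:
        parts = urlsplit(url)
        # Decode percent-encoding so values such as alice%40example.com still match.
        target = unquote(parts.path + ("?" + parts.query if parts.query else ""))
        hits = [rx.pattern for rx in compiled if rx.search(target)]
        if hits:
            findings.append((url, hits))
    return findings

if __name__ == "__main__":
    for url, hits in find_sensitive_urls(SAMPLE_URLS):
        print(url, "->", hits)
```

Running the patterns over a sample of your own URLs first helps catch expressions that are too broad before they go into a scan profile.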

Source of Catalog Entries 

The WAS catalog will now show the source of each entry to help users understand where it originated. The source of a catalog entry can be a VM scan, WAS scan, or VM map. A new source filter has been added as well.
