The Qualys Cloud Platform October and November 2020 releases include Qualys Cloud Suite versions 3.3.0 and 10.5.0, which contain new features in Qualys Cloud Platform, Dashboards, Web Application Scanning, and adds support for several new technologies in Out-of-Band Configuration Assessment.
Qualys Cloud Platform
- Database UDC Support for PostgreSQL
- Users can now create new database user-defined controls for PostGreSQL 9.x, 10.x, 11.x, 12.x.
- New Technology Support for Out-of-Band Configuration Assessment
Support for the following technologies have been added for OCA:
- Microsemi SyncServer 3.x
- Aruba ClearPass Policy Manager (CPPM) 6.x
- Extreme Networks VOSS 6.x, 7.x, 8.x
- Extreme Networks BOSS 5.x
- Cisco IOS 12.x and 15.x
- EC2 Connector – New Region Support
With the addition of new region support, users are now able to view and select the following new regions from AWS while creating an EC2 connector:
- AWS Regions “Europe (Milan)”
- “Africa (Cape Town)”
- Asset Name Auto-Update
Currently in Qualys, any change in the host name due to an updated attribute, such as DNS, NETBIOS, INSTANCE_ID, or IP address, does not reflect automatically. Because of this, users have to change the host name manually whenever it changes. This release adds support to update the asset name automatically in case of any change in a key attribute. The updated asset name is also reflected in the search result when a user searches for the host.
Note: This feature is disabled by default.
IMPORTANT UPDATE: This feature is no longer a part of this release and will be available with Qualys Platform version 126.96.36.199.
New Templates in the Out-of-the-Box Template Library:
The Templates Library will now have three additional templates, using which, users can have a single-pane-of-glass view on the dashboard for assets with specific areas of concern.
Following are the new templates that have been added:
- High RTI 4-5 Severity Summary: This template will provide a set of indicators based on RTI data that enable users to measure the real level of risk of your infrastructure, and to provide a summary of the VM data with specific indicators relating to the ignored vulnerabilities.
- Microsoft RCE SMBv3 Advisory-CVE-2020-0796: This template will help users track all hosts impacted by CVE-2020-0796 vulnerability in their environment.
- Top10 Exploited Vulns | Alert-AA20-133A: This template helps users identify the most exploited vulnerabilities in the last 5 years.
- F5 | BIG IP – Vulnerabilities: This template will help users to view to all the F5 vulnerabilities and highlights the following CVES for remediation:
- CISCO IOS | XE: Vulnerabilities: With the help of this template, users can visualize their exposure to the new Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability (CVE-2019-12643).
- OpenBSD Vulnerabilities: With this new template, users can visualize their exposure to multiple authentication vulnerabilities in OpenBSD and highlights the following CVEs:
Qualys Web Application Scanning
- Copy QIDs to Clipboard
When viewing a list of QIDs in WAS, users can now copy the list to the clipboard. This option is available while viewing the core QIDs, the QIDs in a detection category, as well as the QIDs in a search list.
- Wildcards in Catalog Search
To improve usability of the catalog search box, an asterisk can now be used as a wildcard character when searching for IP addresses. For example, searching for “192.168.1.*” will return all catalog entries that have IP address from 192.168.1.0 to 192.168.1.255.