The Qualys Cloud Platform February 2021 releases include Qualys Cloud Suite 10.8.0 and 3.5.0, which contain new features and important enhancements in Unified Dashboard and Web Application Scanning, and new technology support in Policy Compliance.
Better management of customs widgets and dashboards
Qualys Dashboards now allow users to modify and delete user-defined widgets and dashboards. In case an unedited widget template is used in multiple dashboards, users can even edit the widget template in one place and have the widget update in all the dashboards where it is being used.
Ability to convert a dashboard into PDF
Qualys now enables its customers to convert a dashboard into a PDF report that would include the widgets and results of the widgets. This would help authorized users not only to visualize the data gathered with Qualys, but also to share reports with concerned teams and keep them updated about the current security and compliance posture.
Each PDF would include the dashboard classification in the header as well as the user name and timestamp in the footer of the report.
New user role in the Admin module
With the 220.127.116.11 release, Qualys introduces a new global user role to manage dashboard access for all products, which have migrated to unified dashboard framework. This new role would help organizations that want to have an authorized user who focuses on dashboard-reporting and representation of data across the platform, with granular access rights such as create/edit/delete/modify dashboards.
Newly added templates
The following new templates have been added in this release:
- FritzFrog Malware QID1052: Enables detection of FritzFrog with Inventory Data.
- Zoom Client Multiple Vulns (Windows): This template has been introduced to support Qualys Blog Post: Secure Remote Endpoints from Vulnerabilities in Video Conferencing & Productivity Applications like Zoom, specifically for Windows endpoints.
- Zoom Client Multiple Vulns (MAC): This template has been introduced to support Qualys Blog Post: Secure Remote Endpoints from Vulnerabilities in Video Conferencing & Productivity Applications like Zoom, specifically for MAC endpoints.
- PHP RCE Vulnerability | CVE-2019-11043: This template has been introduced to support Qualys Blog Post: PHP Remote Code Execution Vulnerability (CVE-2019-11043)
- Open Confirmed Within 6M | Adobe: Enables you to view all your Adobe-related inventory and Adobe product-related vulnerabilities.
- Oracle Patch Review: Enables you to see all your Oracle-related inventory and Oracle product-related vulnerabilities.
- Oracle Weblogic Server | CVE-2020-2883: Enables you to view Oracle Weblogic Server vulnerabilities.
- ZeroLogon | CVE-2020-1472: Enables you to view vulnerabilities related to CVE-2020-1472, which received a maximum severity rating score of 10.0 on CVSS v3 Scoring system.
- Palo Alto Networks Vuln View: Enables you to view all vulnerabilities related to Palo Alto Network devices.
- NSA’s Top 25 Vulnerabilities from China: This template lists the top 25 publicly known vulnerabilities known to be leveraged by cyber actors from Chinese state-sponsored malicious cyber actors group.
- Citrix ADC and Gateway RCE CVE-2019-19781: Lists the vulnerabilities related to CVE-2019-19781 – a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products.
- EDR-Windows MITRE ATT&CK: The MITRE ATT&CK dashboard comprises several widgets specific to the techniques included in the MITRE ATT&CK framework, which populates as soon as any of your monitored assets fall prey to malicious activities.
- FIM Windows MITRE ATT&CK: The MITRE ATT&CK dashboard comprises several widgets specific to the techniques included in the MITRE ATT&CK framework, which populates as soon as any of your monitored Windows assets falls prey to malicious activities.
- FIM LINUX MITRE ATT&CK: The MITRE ATT&CK dashboard comprises several widgets specific to the techniques included in the MITRE ATT&CK framework, which populates as soon as any of your monitored Linux assets falls prey to malicious activities.
Web Application Scanning (WAS)
Scan Intensity Details Now Shown in Downloaded Reports
When downloading a report in any format from Qualys Web Application Scanning, the scan intensity settings for the scanning option profile will now be displayed. Earlier, downloaded reports only displayed whether you were using a pre-defined or custom scan setting with no details on the setting itself.
With this change, the details of the scan intensity setting will now be reported. For example, for our pre-defined scan intensities, we will now show Lowest, Low, Medium, High, and Maximum. For custom scan intensities, the number of HTTP threads and the delay between requests will be displayed.
New Technology Support in Qualys PC
With the 10.8.0.0 release, Qualys Policy Compliance adds support for the following new technologies:
- SAP HANA database