The Qualys Cloud Platform June 2021 releases include Qualys Cloud Suite 10.12.0.0 and 220.127.116.11, which contain new features in Policy Compliance, Vulnerability Manager, Unified Dashboard, and Web App Scanning.
Qualys Cloud Platform (VM, PC)
- Support for Solaris Agents in VM and PC workflows
Starting with this release, VM and PC users will be able to evaluate Solaris agents (x86, SPARC) and run policy reports for such agents across their network.
Note: In PC, only system-defined controls are supported in this release. User-defined controls cannot be included in policy scans.
- New templates
The following new templates have been added in this release:
- Adobe Vulnerability Tracking – Displays Adobe-related inventory and vulnerabilities related to Adobe products.
- Disabled / Ignored Vulns – Displays the active vulnerabilities that are disabled or ignored.
Web App Scanning
- Parameterization of Username and Passwords in Selenium Scripts
In past versions, users required to manually edit and re-upload a Selenium authentication script if a username or password needed to be changed. The new feature allows you to parameterize the username and password in a way that simplifies this process, managing the username and password under the Selenium script form fields instead.
Now if you need to update the username or password for a given application, you can quickly make the change in the Authentication Record itself by changing the username and password under the Selenium script form fields.
- Direct Upload of OpenAPI Specification and Swagger files
Previously, customers scanning API endpoints using OpenAPI Specification (OAS) and Swagger files were required to host their files online. With this release, they will be able to directly upload their OAS and Swagger files into their Qualys WAS configuration file for their APIs. This functionality will mirror the ability to directly upload Postman Collections for API scanning.