The Qualys Cloud Platform September 2021 releases include Qualys Cloud Suite 10.14.0.0 and Portal 188.8.131.52 releases, which contain new features and important enhancements in Qualys Cloud Platform, Policy Compliance, and Unified Dashboard.
Qualys Cloud Platform
Ability to choose additional vulnerability details in the vulnerability search downloads
Starting this release, you have an enhanced workflow allowing you to choose or remove details to enhance a more customized vulnerability search report before it is downloaded. The downloaded reports will include columns for the selected details based on user preferences
In-app guided tours for better user assistance (Beta)
You will now have access to in-app guided tours on various features and how to use them. The guided tours provide step-by-step help, ensuring optimum user assistance within the app. Currently, this feature is Beta and is available only for VMDR. We will be adding more guided tours in forthcoming releases.
To launch a guided tour, click on the icon on the VMDR Home page and then choose a specific topic to start with the step-by-step help.
Enhanced file content search on Unix agent
This release adds support to additional scan parameters to be included for file content search. Previously, only a limited set of parameters were available for users. Now, you can create UDCs for file content check on Unix agents by specifying the root directory and many more parameters such as file name and directory inclusion or exclusion, time limit for searches, data type and so on. The enhanced file content search also allows you to use wildcards.
New authentication record for Nginx
Starting this release, Policy Compliance users will be able to create authentication records for Nginx servers to assess compliance using agents as well as scanners.
New technology support
Qualys PC includes support for the following new technology:
- Nginx server
New scan parameters to exclude users or user groups from a control
Two new scan parameters are added to the existing File Owner parameters that enables exclusion of specific users or user groups on Unix agents. The new parameters are supported only on Unix agents for UDC type DI and DS.
Application Dashboard Template Library
With this release, Unified Dashboard introduces the Application Dashboard template library that displays the dashboard templates for all the Qualys apps active in your subscription. You can select a template and use it to create your dashboard. The Unified Dashboard page lists all the pre-defined templates as well as the ones that you have customized to suit your organization’s business requirements.
Support for static value as user input for ratio calculation
Starting this release, you can enter a static value in the comparison query line and get a ratio calculation with regards to vulnerability data. This will help allow access to metrics that would include data around the actual number of assets/vulnerabilities being scanned as compared to the value you provide.
- The following new templates have been added in this release:
- Fixed Disabled / Ignored Vulns – This widget template helps you view all the disabled or ignored vulnerabilities that have been fixed.
- Baron Samedit|Heap-based buffer overflow Sudo – This template helps you view trend data for CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) across your assets.
- Patch Efficiency – Severity 3-5 – This template displays the patch efficiency status for vulnerabilities with a severity between 3 to 5.