December 2021 Releases: Change in Qualys Email Domain and New RTI for Known Exploited Vulnerabilities
The Qualys Cloud Platform December 2021 release includes Qualys Cloud Suite 220.127.116.11, which contains new features and important enhancements in the Qualys Cloud Platform.
Qualys Cloud Platform
Change in Qualys Email Domain
Qualys is in the process of strengthening its email security posture. As a security best practice, we are segregating the corporate email domain from the platform bulk emails by using a dedicated email domain
qualys.net for our platform emails. As a result, the account management, scan notifications, and daily vulnerability feed emails that were being sent by using the
@qualys.com email IDs will now be changed to
@qualys.net. Customers are required to add
@qualys.net to their approved senders’ lists and domains to avoid any quarantine or incorrect categorization of Qualys emails.
New RTI and QQL for Known Exploited Vulnerabilities
With this release, users can configure a ruleset to get alerts on active security threats using the new Real-Time Threat Indicator for known exploited vulnerabilities, helping users to prioritize and take quick decisions.
Additionally, the following query can be used in the Vulnerabilities tab to query on active vulnerabilities associated with known exploited vulnerabilities:
You can use the same QQL token to add widgets to the dashboard for a quick insight into your current threat exposure with regards to the CISA known vulnerabilities.
On the VMDR Prioritization page, select RTI from the Group By drop-down list to view the list of count of active known exploited vulnerabilities.
The token add is huge, not only is it helpful but released before I was able to hack something together to show this. Thanks!