June 2022 Release: New Configuration Changes to Remediate Microsoft Vulnerabilities, Kb Severity Levels and More

The Qualys Cloud Platform June 2022 release includes QWeb 10.19.0.0 and Portal 3.12.0, which adds support for new QQL tokens and includes several new features and enhancements in Unified Dashboard.

Feature Highlights

Qualys Cloud Platform

New QQL Token

This release adds a new QQL token to enable you to customize the severity for vulnerabilities and assets based on your specified values.

Note: These tokens are available only if you have Qualys Cyber Security Asset Management in your subscription.

1. vulnerabilities.vulnerability.severity: Select this token to view the severity level (1-5) set by Qualys to find assets having vulnerabilities. For example:

Unified Dashboard

Remediate Microsoft Vulnerabilities with a Patch and a Configuration Change

With this release, you will be able to view if the vulnerabilities require a patch or a configuration change. If the selected vulnerabilities require a patch and a configuration change the job will be pre-populated with the relevant patches and the required configuration changes. You can perform the remediation action from the VMDR Prioritization page. Click Start Prioritizing and add asset tags to proceed.  Click Prioritize Now. The Available Remediation column has the Patches and Fixes for Misconfiguration

The Patches are based on the Qualys Patchable and Fixes for Misconfiguration includes the pre and post config changes.

Click Patch Now for the assets you want to apply patches and then select Add to new Job. You will be redirected to Patch Management.

Support for Customer and KB Severity Levels

We have now added an arrow to quickly identify the custom severity that you configure for a vulnerability/QID. For a particular QID, you can now view both severity levels: one set by you and the other by Qualys. The arrows indicate if the custom severity is lower or higher than the severity set by Qualys.

: Indicates custom severity higher than Qualys severity.

: Indicates custom severity lower than Qualys severity.

Example:

Consider a QID with Qualys severity as 1 and custom severity as 3. The severity bar indicates the right arrow at 1. The right arrow implies that Qualys severity level is 1, but you have increased the severity for this QID to 3.

Similarly, if you reduce the severity of a QID lower than the severity set by Qualys, the Severity bar shows the left arrow.

KB Severity for Table Widget for Group By Title

With this release, you can fetch the vulnerability data based on the Kb Severity for the Table Widget. The Kb Severity is the new addition in the Columns to Display field of the Table widget.

New Technology support for OCA

With this release, OCA module adds support for the following technology to evaluate off-line/air-gapped devices in your environment:

• Arista MOS