November 2022 Release: New QQL Token in Qualys Cloud Platform and Support for On-Demand Scans Using Qualys CA and More
Last updated on: November 30, 2022
Table of Contents
The Qualys Cloud Platform November 2022 release contains Portal 3.13.1, which includes a new QQL token introduced in Qualys Cloud Platform, the ability to launch on-demand scans using Qualys Cloud Agent, and the enhanced WAS UI enabled for all users by default.
Qualys Cloud Platform
New QQL Token to Search by Time to Remediate (TTR)
Starting this release, users can search for vulnerabilities fixed within a given period of time by using the new token
vulnerabilities.ttr.firstFound that’s available in the vulnerability data source query box.
The token name designation of FFTTR indicates that the search results fetch vulnerabilities based on the ‘First found to fixed date time to remediate’ calculation.
Use a date range or a specific date to search.
To search for vulnerability findings based on FFTTR:
vulnerabilities.ttr.firstFound: [1 … 7] and vulnerabilities.status:FIXED
Qualys Cloud Agent
Launch On-Demand Scan Using Qualys Cloud Agent
The new on-demand scan feature helps you with the flexibility to initiate a scan without waiting for the next scheduled scan. Running an on-demand scan helps you understand whether a vulnerability is remediated after a patch application. Currently, you can send 15000 on-demand scan requests per day.
By default, Cloud Agent for Windows uses a throttle value of 100. Cloud Agent for Linux uses a value of 0 (no throttling). If you want to use the values in the configuration profile, select the Use CPU Throttle limits set in the respective Configuration Profile for agents check box.
Note: This feature will be available with the Windows 5.0.1 and Linux 5.6 agent binaries with on-demand scan support, slated for release towards the end of November 2022.
Important update: This feature will be available in Dec 2022 due to dependencies on Windows 5.0.1 and Linux 5.6 agent binaries with on-demand scan support.
Qualys Web Application Scanning
With this release, the new and enhanced WAS user interface will be enabled for all users by default. You may click on the Switch to classic WAS link if you want to switch back to the old UI.
The enhanced WAS UI provides the following new features:
- The Home page in the enhanced WAS user interface lets you have a one-glance perspective of all the web applications under your subscription, detect and monitor their security vulnerabilities, and provides an easy way to start integrated scanning.
- The Dashboard tab is now integrated with the Qualys Unified Dashboard.
- Integrated Qualys QQL support for enhanced search.
- Better user experience through the new look and feel of the Web Applications, Authentication, Detection, Option Profiles, and Search List tabs.
When will Windows Cloud Agent 5.0.1 be released? I have many clients who would love to use the on-demand feature, but most of them are at 220.127.116.11, so they receive the message: This Agent version 18.104.22.168 is not supported for On-Demand Scan.