Qualys will upgrade all qualified Qualys Vulnerability Management (VM) subscriptions to include the following capabilities at no additional cost.
With this upgrade, customers will be receiving the following new capabilities:
- New fully customizable dashboards for operational and management-level reporting.
- Import pre-built dashboards from the Qualys Community, created by Qualys or other Community members.
- Dynamic vulnerability reporting with trending and real-time information about vulnerabilities.
- Ability to build customized dashboards for tracking critical vulnerabilities and remediation status.
- Pre-built In-Product dashboard templates will be available to customers.
- Global IT Asset Inventory, Certificate Inventory, Cloud Inventory, Container Inventory, and Mobile Device Inventory are enabled by default to help you perform asset discovery and build an up-to-date asset inventory across your entire hybrid IT environment.
- Asset Inventory: On-premises Device Inventory – Detect all devices and applications connected to the network, including servers, databases, workstations, routers, printers, IoT devices, and more.
- Certificate Inventory – Detect and catalog all TLS/SSL digital certificates (internal and external facing) from any Certificate Authority.
- Cloud Inventory – Monitor users, instances, networks, storage, databases, and their relationships for a continuous inventory of resources and assets across all public cloud platforms.
- Container Inventory – Discover and track container hosts and their information – from build to runtime.
- Mobile Device Inventory – Detect and catalog Android, iOS/iPadOS devices across the enterprise, with extensive information about the device, its configurations, and installed apps.
- In the event of a new vulnerability disclosure, affected systems and software can be identified instantly using the Global IT Asset Inventory to reduce the time to detect a vulnerability.
- Ability to perform search based on QQL queries on vulnerability data and make it actionable by downloading the results.
- There is no change in Vulnerability Management workflows; all existing workflows will continue to exist and can be performed similarly.
- The current entitlement of apps and licenses will remain the same.
Asset and Vulnerability-Centric View of Your Data
With the new “Vulnerabilities” tab, you can perform QQL searching formulated to answer specific questions that can be made actionable by downloading the resulting data set. For example, in the screenshot below, you can see all vulnerabilities last found in the 30 days that have a patch available. A typical query might find all assets with severity 5 vulnerabilities in your Boston datacenter, or all the assets that require patches following Patch Tuesday.
Combining the asset-centric view with vulnerability-centric views gives you more flexibility to dig into your data from a 360-degree view with more in-depth insights into the security posture of your organization.
More information can be found here.
The Unified Dashboard (UD) Framework will give you single-pane-of-glass visibility into your organization. As shown in this example, Unified Dashboard can cohesively and dynamically work with Global IT Asset Inventory, Vulnerability Management, Patch Management, and many more widgets to give a single view of your enterprise.
Global AI, VM, and Patch widgets, Policy Compliance together in a single view
Easy-to-Use Widget Builder
The ability to build any widget from any module with the easy-to-use widget builder in Unified Dashboard allows you to quickly create any widget type needed to display your KPIs and metrics on your favorite dashboard. Easily switch from Asset Counts to Vulnerability counts.
New Widget Visualizations
Unified Dashboard brings new widget visualization types such as multi-column group-by, summary count cards, multi-bar & stacked, and ratio count widgets.
Targeted Customers for the VM Upgrade
Below are the subscriptions eligible for the VM Upgrade:
- Account with Enterprise Suite, Express Suite
- Global AssetView Enabled
The migration is expected to start by the last week of October and be complete by the end of October.