The Qualys TotalCloud 2.7.0 version introduces new enhancements and modifications to its configuration. This release is planned to be deployed by the first half of Jan 2024.
Prioritize with TruRisk Insights
TruRisk scoring was introduced to facilitate the prioritization of cloud security issues earlier in TotalCloud release 2.6, for your cloud workloads, along with cloud security TruRisk Insights.
Now, you can check all those insights through a new tab called “Insights” on TotalCloud. This tab serves as the central hub for accessing all the TruRisk Insights recommended by Qualys for enhancing Cloud Security.
With TruRisk Insights, you’ll gain access to critical security findings based on Qualys’ recommended risk factors related to cloud misconfigurations, vulnerabilities, and real-time threats. This feature enables you to generate actionable insights that proactively manage and mitigate potential security risks in your cloud environment. It strengthens your overall security posture, thus minimizing the likelihood of security incidents.
The TruRisk Insights dashboard widget template provided in version 2.6.0 is now enhanced, allowing users to filter information specific to insights using the supported QQL search tokens. Replacing the previously created Insight widget with the new template is recommended.
Enhancements to features
Experience a simplified exception creation process for the connector scope by introducing “All Connectors” selection with a radio button. You also get the ability to select all the connectors via REST APIs.
Cloud Perimeter Scan
Simplify the tracking of Cloud Accounts (AWS Account ID and Azure Subscription ID) schedules and jobs at VMDR with enhanced zero-touch Perimeter Scan via Connector that includes the cloud account identifiers in the scan title. This enhancement enables you to trace the scan job for the respective cloud accounts and their selected scan schedules.
The inclusion of FlexScan’s Cloud Perimeter scan feature is now extended to the Azure Org connector. Earlier, this capability was available to Azure subscription-level connectors. If you deploy an Azure Org Connector for your Azure Tenants, you can activate cloud perimeter scans for all the subscription connectors identified by Azure Org Connectors with this update. It also ensures that all your Azure externally facing VMs undergo thorough cloud perimeter scanning through TotalCloud FlexScan.
Threat Detection for Azure Cloud
TotalCloud’s Cloud Detection and Response (CDR) now includes support for identifying threats within the Azure Cloud platform. This feature allows organisations to deploy CDR to monitor Azure workloads using NSG Flow logs. When operational, the CDR feature lets users visualise potential threat findings on the Azure workload’s “Cloud Detection and Response” page. It is particularly adept at illustrating suspicious communications to Azure VMs by scrutinising flow logs obtained from these VMs.
Implementing TotalCloud CDR can significantly mitigate the risk of hosting critical workloads on the cloud. It achieves this by proactively identifying and addressing threats directly at their source, thus enhancing the security and integrity of cloud-based operations.