Qualys TotalCloud 2.12.0 Release Updates

Shrikant Dhanawade

The Qualys TotalCloud 2.12.0 version introduces new enhancements and modifications to its configuration. This release will be deployed by the end of September 2024.

CSPM Enhancements

Cloud Inventory Enhancements

With the earlier release of TotalCloud 2.11, Qualys has significantly enhanced cloud inventory for AWS and Azure, making it easier to gain visibility into cloud assets.

As part of our ongoing commitment, we are expanding this coverage to include GCP and OCI, adding more inventory to streamline multi-cloud management. This continued effort empowers organizations to achieve comprehensive asset visibility, improve security posture, and ensure better compliance across all supported cloud platforms. Our latest updates will help customers avoid cloud security risks and manage their resources more effectively.

CSPM Controls Failures in the Inventory

Alongside the enhanced cloud inventory updates, we provide a direct link to view CSPM configuration issues swiftly. This enables you to quickly identify misconfigurations and prioritize security measures, especially for your most critical assets or “crown jewels.” By linking inventory to security posture management, we help you streamline the process of identifying and addressing the most impactful cloud security risks, allowing for faster remediation and protection of vital data across your cloud environments.

New CIS Benchmark Policies

Continuing our focus on supporting the latest CIS versions, this release adds a new CIS benchmark policy to TotalCloud: CIS Google Cloud Platform (GCP) Foundation v3.0.0.

CWP AWS Snapshot-Based Scan – Enhancements

We’ve significantly enhanced the performance of our Snapshot-Based Scan process.

  • We’ve optimized costs by reducing transition steps and improving Lambda function efficiency, which accelerates the scanning process and shortens snapshot lifespans. We’ve also optimized time through better block device mapping and increased scanner capacity, which reduces scan times and allows more efficient volume handling.
  • The new version of the CloudFormation Template for service accounts (CFT-S) and the auto-deployment capabilities streamline updates, reducing the need for manual intervention.
  • Lastly, we’ve removed constraints related to service endpoint configuration, further enhancing deployment efficiency.

We recommend that you evaluate the new changes and move your deployments to the new version to take advantage of the enhancements.

CDR Enhancements

Enhanced Deployment Script for Azure Cloud Findings

We have enhanced deployment script support for CDR findings for Azure using Azure NSG flow logs. Users can configure a flow log deployment through the Azure tab on the threat scanner page. This tab helps create a configuration that holds information about the storage account where users have decided to collect the NSG flow logs. When a deployment is created, users can download a script that configures the subscription so that the flow logs are retrieved to the Qualys cloud for CDR finding analysis. For FedRAMP customers, the updated scripts deploy functions in customer subscriptions to connect to Qualys FedRAMP Cloud.

Enhanced CDR Finding Management

We have added support for searching and filtering findings using QQL tokens on the CDR findings tab. Users can apply a time filter to view the findings that occurred within a period ranging from the last 24 hours to the last 30 days. Users can also apply QQL queries to narrow the findings to a specific originator.
