Qualys TotalCloud 2.12.0 Release Updates
The Qualys TotalCloud 2.12.0 version introduces new enhancements and modifications to its configuration. This release will be deployed by the end of September 2024.
CSPM Enhancements
Cloud Inventory Enhancements
With the earlier release of TotalCloud 2.11, Qualys has significantly enhanced cloud inventory for AWS and Azure, making it easier to gain visibility into cloud assets.
As part of our ongoing commitment, we are expanding this coverage to include GCP and OCI, adding more inventory to streamline multi-cloud management. This continued effort empowers organizations to achieve comprehensive asset visibility, improve security posture, and ensure better compliance across all supported cloud platforms. Our latest updates will help customers avoid cloud security risks and manage their resources more effectively.
CSPM Controls Failures in the Inventory
Alongside the enhanced cloud inventory updates, we provide a direct link to view CSPM configuration issues swiftly. This enables you to quickly identify misconfigurations and prioritize security measures, especially for your most critical assets or “crown jewels.” By linking inventory to security posture management, we help you streamline the process of identifying and addressing the most impactful cloud security risks, allowing for faster remediation and protection of vital data across your cloud environments.
New CIS Benchmark Policies
With the continued focus on keeping the latest CIS version, TotalCloud now has a new CIS version in this release, i.e., CIS Google Cloud Platform (GCP) Foundation v3.0.0.
CWP AWS Snapshot-Based Scan – Enhancements
We’ve significantly enhanced the performance of our Snapshot-Based Scan process.
- We’ve optimized costs by reducing transition steps and improving lambda function efficiency, accelerating the scanning process and shortening snapshot lifespans. Time optimization has also been achieved through better block device mapping and increased scanner capacity, reducing scan times and allowing more efficient volume handling.
- The new version of the CloudFormation Template for service accounts (CFT-S) and auto-deployment capabilities streamlines updates, reducing the need for manual intervention.
- Lastly, we’ve removed constraints related to service endpoint configuration, further enhancing deployment efficiency.
We recommend that you evaluate the new changes and move your deployments to the new version to take advantage of the enhancements.
CDR Enhancements
Enhanced Deployment Script for Azure Cloud Findings
We have enhanced deployment script support for CDR findings for Azure using the Azure NSG flow logs. Users can configure a flow log deployment through the Azure tab on the threat scanner page. This tab helps create configurations with information about the storage account where users have decided to collect the NSG flow logs. Users can download a script to configure the subscription for flow log retrieval to Qualys cloud for CDR finding analysis when a deployment is created. For FedRAMP customers, the updated scripts deploy functions in customer subscriptions to connect to Qualys FedRAMP Cloud.
Enhanced CDR finding management
We have added support for searching and filtering the findings using QQL tokens on the CDR findings tab. The user can apply the filter to look at the findings that occurred in the last 24 hours to 30 days. The user can also apply QQL queries to narrow the findings for a specific originator.
Resources
- Learn more about TotalCloud
- Online Help for TotalCloud, Connectors, TotalCloud API User Guide
- How-to Training Videos
- If you have questions, please contact your TAM or Qualys Technical Support.