Qualys TotalCloud 2.13.0 Release Updates

Naveen Kulshreshtha

Last updated on: December 4, 2024

The Qualys TotalCloud 2.13.0 version introduces new enhancements and modifications to its configuration. This release will be available by the middle of December 2024.

Simplified onboarding to TotalCloud

We provide a new 3-click onboarding UI experience for TotalCloud connector deployment. With easy connector deployment, you can onboard TotalCloud in minutes and visualize the inventory and its posture. The new onboarding walks you through each milestone and guides you to the next step after connector deployment. In the current release, this experience is available for onboarding new cloud accounts, not for organization connector deployment.

Prioritize with TotalCloud TruRisk Insights

TruRisk Insights helps prioritize critical resources that have findings. Insights correlate findings from all scanning inputs, such as CWP, CSPM, CDR, and CIEM. We have added many new TruRisk Insights to TotalCloud to give you a prioritized view of critical risks to your cloud deployment. The latest update brings the total number of TotalCloud TruRisk Insights for AWS to 100+.

Effective investigation for real-time threats

We have added a new “Investigate” tab to the TotalCloud navigation options. The Investigate tab is a unified view of runtime threat detection by CDR (Cloud Detection and Response). This tab visualizes CDR detections from traffic mirroring, flow logs, and cloud activity logs on all resources across multiple cloud providers. The view shows the latest findings on top, with filters for resource type, time duration of findings, etc. You can also group the findings by resource, by cloud identifier such as AWS account, or by cloud provider.

Enhancing RBAC with Qualys tags

Qualys provides the ability to apply tags to cloud connectors deployed through Cloud Organization Connectors. This capability enables organizations to enforce stricter Role-Based Access Control (RBAC) for their cloud deployments within the Qualys platform.

Additionally, with Qualys tags, users can achieve enhanced visibility across Posture, Dashboards, and Reports, simplifying the categorization and management of security findings.

This functionality streamlines cloud security operations, ensuring efficient management of findings while strengthening control and precision in addressing vulnerabilities and misconfigurations.

CWP Enhancements

Snapshot scan run on-demand

Qualys TotalCloud provides FlexScan for workload scans and vulnerability scans. FlexScan lets you scan ephemeral workloads or onboard new accounts to your organization’s security compliance without agent installation. Cloud workload snapshot scan is one of the FlexScan methods TotalCloud provides to discover vulnerabilities using the Qualys Six Sigma Vulnerability platform.

With TotalCloud FlexScan, you can already schedule the snapshot scan. We are adding the capability to run the scan on-demand, so you can run a scan as soon as you fix a vulnerability. You can run the scan at the account level or selectively for VMs by region, tag, etc.

CSPM Enhancements

Cloud Inventory Enhancements

We have added functionality that allows users to sort inventory alphabetically on the inventory page. When users log in to TotalCloud, they see the default view with Instances at the top. By clicking the column title “Inventory type”, users can sort inventory in ascending or descending order. Sorting is available in the inventory listing for all cloud types.

Continuing the earlier enhancements to the cloud inventory in TotalCloud, we have further enhanced TotalCloud inventory discovery for all clouds. This enhancement improves the visibility and management of your cloud inventory. With the additional inventory visibility, you can apply the best global compliance standards supported by Qualys to detect and remediate misconfigurations on the newly visible cloud inventory. With this enhancement, we have added 12 new inventory types across all supported clouds in the TotalCloud platform.

View Compliance Mandates

Qualys TotalCloud supports 39 global compliance mandates across multiple industries, such as PCI DSS, NIST, HIPAA, GDPR, etc., empowering customers to generate audit-ready compliance reports. The mandate report ensures your cloud infrastructure aligns with industry standards. We’ve introduced a new tab on the TotalCloud Policy page that provides a centralized view of all supported global compliance mandates. The page also includes a search feature that lets users find specific mandates by name, version, or publisher token, streamlining compliance management.

CDR Enhancements

Cloud Detection and Response for Google Cloud

TotalCloud CDR enhances threat detection by visualizing real-time findings using traffic, flow logs, and activity logs within cloud accounts. We are enhancing TotalCloud threat detection for Google Cloud. Google Cloud supports native traffic mirroring to forward a copy of the traffic for examination by cloud detection appliances.

In this release, we have released a CDR appliance for GCP to support the detection of malware, ransomware, crypto-miners, and malicious network activity using GCP traffic mirroring. You can deploy CDR in a security project to visualize and monitor malicious activity detection for multiple projects. Users can create GCP deployments, which generate a license key to deploy this appliance. Customizable Terraform scripts are available to deploy GCP CDR from the GCP Cloud Shell.
