Qualys TotalCloud 2.14.0 Release Updates

Shrikant Dhanawade

The Qualys TotalCloud 2.14.0 version introduces new capabilities, features, and updates. The release will be available by mid-January 2025.

TotalCloud Enhanced User Interface (UI 4.0)

TotalCloud now features the Enhanced User Interface (UI 4.0) as part of the Qualys Enterprise TruRisk™ Platform. The updated interface delivers a modern, intuitive design with simplified navigation and a visually appealing layout to enhance the user experience.

This update improves usability, streamlines workflows, and ensures a seamless interaction across the platform. For more details, refer to the Qualys UI update blog.

Support for OAuth2.0 for Qualys API

Qualys has enhanced API security by introducing OAuth2.0 support for API authentication. This enhancement also includes OpenID Connect (OIDC) support, enabling integration with customer Identity Providers (IDP) for seamless and secure authentication.

A new endpoint URL has been added to support this enhanced API security. However, the existing basic authentication method will continue to be supported via the Qualys Guard endpoint URL, ensuring backward compatibility.

Customers are encouraged to adopt OAuth2.0 for improved security and scalability.

CSPM Enhancements

New CIS Benchmark Policies

Qualys, a leading provider of cloud security solutions, is dedicated to offering extensive coverage of the CIS Benchmarks and regularly releases CIS-certified policies in TotalCloud. Qualys also contributes to the development of new benchmarks through the CIS Community, ensuring that the benchmarks stay relevant and up to date.

TotalCloud will have new CIS versions in this release.

  • CIS Microsoft Azure Foundations Benchmark 3.0.0

Support for additional OCI regions

TotalCloud brings support for 17 new regions of OCI Cloud across the US Midwest, Europe, Asia Pacific, Middle East, South America, and Africa, bringing the total coverage to all 39 OCI regions. This expansion ensures broader visibility and security coverage for your OCI environments.

There is no impact on your existing connectors, and no updates are required. By default, the newly supported regions will automatically be included in your inventory collection, ensuring the seamless adoption of this expanded coverage.

Introduced New OCI Widgets for Dashboards

We have added new OCI widgets for OCI resources, posture, and policy compliance. Users can use these widgets to visualize OCI-related information on the dashboard. Using these five widgets allows user to visualize:

  1. OCI resources distribution by type
  2. Policy compliance
  3. Security Posture by control criticality
  4. Top 5 tenancy by failed controls
  5. Top 5 failed controls

Enhanced CSV Reports

Qualys CSPM now supports extended CSV report sizes, allowing you to export over 200,000 records in a single report. This update ensures you can efficiently handle larger datasets of findings, including misconfigurations, enabling seamless integration with automation tools and third-party systems.

With this enhancement, organizations can streamline compliance reporting, accelerate remediation workflows, and strengthen cloud security operations.

CWP Enhancements

Software Composition Analysis (SwCA) using TotalCloud FlexScan

The Qualys Cloud Agent already supports robust Software Composition Analysis (SwCA) capabilities. Now, we’ve extended the same SwCA functionality to our Snapshot-Based (Agentless) scanning technique. This can easily be enabled through existing cloud connectors in Zero-Touch, offering seamless integration. In addition to delivering Six Sigma accuracy in vulnerability detection, the snapshot-based scan now identifies vulnerabilities across operating systems and software components.

This covers risk detection for supply chain software. All detected vulnerabilities are presented in a unified view under the vulnerabilities section of the assets, enabling streamlined analysis, prioritization, and remediation.

CDR Enhancements

CDR Dashboard Widgets

We have introduced custom widget support for CDR (Cloud Detection and Response) findings in the TotalCloud dashboard. Users can now leverage the “Build Your Widget” option to create custom CDR widgets using dedicated CDR tokens for enhanced visibility and monitoring.

In this release, the custom CDR widgets support four CDR tokens to help visualize key insights and metrics directly on the TotalCloud dashboard. These tokens enable users to tailor their dashboards for more focused and actionable data representation.

Resources

Share your Comments

Comments

Your email address will not be published. Required fields are marked *