Qualys TotalCloud 2.15.0 Release Updates

Vinayak Ghadi

Last updated on: March 10, 2025

The Qualys TotalCloud 2.15.0 version introduces new capabilities, features, and updates. The release will be available by mid-March 2025.

Introducing Attack Path for AWS TruRisk Insights

We are excited to announce the introduction of Attack Path, a groundbreaking feature in TotalCloud powered by TruRisk Insights. This innovative capability empowers enterprises to visualize their cloud resource compliance and understand the attack path created by associated vulnerabilities, threats, and misconfigurations. With Attack Path, businesses can break down exposure chains, prioritize high-impact risks, and stop threats.

Our focus with TruRisk Insights has always been prioritizing the most critical cloud security risks, providing a single, prioritized view of findings. Now, TruRisk Insights integrates Attack Path visualization to provide deeper context to these findings. This enhancement lets you see vulnerabilities’ potential “blast radius” by visualizing the complete attack chain across your AWS cloud environment. This clear, contextualized view of potential breach pathways empowers faster remediation, strengthens your cloud security posture, and reduces your overall risk.

Attack Path Also Covers Insights from Containers and Images

In this release, we added TruRisk Insights from container images and registries to present combinations of risks in containerized environments, including public exposure, malware, secrets, and exploitable vulnerabilities. The best part of our Kubernetes and container security insights is that they are cloud neutral—i.e., they apply to Kubernetes on any cloud—even on-prem.

Please contact your Qualys Technical Account Manager or TotalCloud Subject Matter Expert for more information.

Enhancing RBAC with Qualys tags for Azure and GCP

In an earlier release, TotalCloud 2.13, Qualys provided the ability to apply tags to AWS cloud connectors deployed through Cloud Organization Connectors. We now extend the feature to Azure and GCP Cloud Provider connectors. This capability enables organizations to enforce stricter Role-Based Access Control (RBAC) for their cloud deployments within the Qualys platform.

Additionally, with Qualys tags, users gain better visibility into Alert rule configurations, simplifying the categorization and management of security findings. The alert rule and dashboard also extend the ability to filter by the tags fetched from the AWS account (QQL tokens: aws.account.tags.key and aws.account.tags.value).

This functionality streamlines cloud security operations, ensuring efficient findings management while strengthening control and precision in addressing vulnerabilities and misconfigurations. 

CSPM Enhancements

Misconfiguration Reports for the OCI Cloud

With the new feature for Oracle Cloud, you can now generate detailed reports on detected misconfigurations. Reports can be built and exported in PDF or CSV formats, making it easy to share and analyze findings across teams. Additionally, you have the capability to create mandate reports aligned with over 40 global compliance standards using on-screen reports.

This functionality enhances compliance efforts, clearly showing your security posture and ensuring adherence to industry regulations. By offering customizable and comprehensive reporting options, you can efficiently manage and address Oracle Cloud misconfigurations, streamlining operational and compliance processes.

New CIS Benchmark Policies

Qualys, a leading provider of cloud security solutions, is dedicated to offering extensive coverage of the CIS Benchmarks and regularly releases CIS-certified policies in TotalCloud. Qualys also contributes to the development of new benchmarks through the CIS Community, ensuring that the benchmarks stay relevant and up to date.

TotalCloud will have new CIS versions in this release:

  • CIS Amazon Web Services Foundations Benchmark v4.0.1

Expand coverage for the Cloud Inventory

We have expanded the inventory for AWS AMIs, providing users with comprehensive details about the images. This lets you make informed decisions about your AMIs and ensures you use up-to-date and secure images.

By quickly identifying and filtering out decommissioned images, teams can reduce the risk of running vulnerable or outdated software, strengthening their overall security posture. Additionally, the convenience of having detailed image information readily available saves time and effort in managing AWS AMIs, allowing teams to focus on more critical tasks.

CDR Enhancements

Report creation for CDR findings in CSV format

TotalCloud reporting functionality has been extended to include Cloud Detection and Response (CDR) events. This addition provides a comprehensive view of your cloud security threats by incorporating detailed CDR reports of the existing runtime security findings.

CDR reports can now be generated in CSV format, matching the existing TotalCloud reporting formats. This consistency ensures seamless integration of CDR insights into your security overview, providing a holistic perspective on your cloud environment’s health and security stance.

Azure CDR appliance deployment and findings integration

TotalCloud CDR has been securing Azure Cloud environments by analyzing cloud flow logs. We now extend the CDR appliance support to Azure Cloud, like our existing support for AWS and GCP. This expansion provides consistent security across your multi-cloud environments.

With this new support, TotalCloud CDR leverages the AI framework to detect and respond to Azure cloud threats in real time. Our AI engine identifies anomalous behavior and potential threats by analyzing telemetry data such as Azure network traffic, user activity, and system logs, enabling swift mitigation and enhanced protection for your Azure cloud deployments.
