Skip navigation
1 2 Previous Next

EU Platform

19 Posts tagged with the pc tag
4

A new release of QualysGuard, Version 7.13 will be available in production on the QualysGuard EU Platform on February 20, 2014. The deployment is completely transparent to users and will require no downtime. The release will occur between 12 PM PDT (20:00 UTC) and 6:00 PM PDT (02:00 UTC next day).

 

QualysGuard VM and PC version 7.13 includes the following features:

Vulnerability Scorecard Report updates, New Compliance Scorecard Report, MS SQL Authentication – Auto Discover Database Instances, and multiple API enhancements (Ability to download API v2 CSV reports without headers, New HTTP Authentication options, New "Policy Merge” feature,  Policy Report XML now includes custom control references, Apache Authentication Support for multiple instances per host)

 

See QualysGuard 7.13 New Features and QualysGuard® 7.13 API Notification - 15 Day for more details.

 

To continue to receive notifications by email, please subscribe at EU Platform.

0

An update to QualysGuard, Version 7.12 will be available in production on the QualysGuard EU Platform on December 13, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur on December 12 between 20:00 UTC and 02:00 UTC next day.

 

Release Details: QualysGuard 7.12 Update includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.12 Update.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu.

0

A new release of QualysGuard, Version 7.12 will be available in production on the QualysGuard EU Platform on November 18, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur between 20:00 UTC and 02:00 UTC next day.

 

Release Details: QualysGuard 7.12 includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.12 New Features

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at  https://community.qualys.com/community/notifications-eu

0

August 27 2013 update: We are currently working on a unplanned platform maintenance that has no impact on the application. As a consequence, QualysGuard 7.11 update will occur on August 28, 2013 between 19:00 UTC and 01:00 UTC next day.

 

Previous announcement:

A new release of QualysGuard, Version 7.11 will be available in production on the QualysGuard EU Platform on August 27, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur between 19:00 UTC and 01:00 UTC next day.

 

Release Details: QualysGuard 7.11 includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.11 New Features

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu

0

A new release of QualysGuard, Version 7.10 will be available in production on the QualysGuard EU Platform on July 9, 2013. This release is completely transparent to users and will require no downtime. The release will occur between July 8 at 19:00 UTC and 03:00 UTC the next day.

 

Release Details: QualysGuard 7.10 includes enhancements to QualysGuard Cloud Platform, Vulnerability Management (VM), Policy Compliance (PC) and API. See QualysGuard 7.10 features.

 

New QualysGuard Express Lite: The new service offering QualysGuard Express Lite for SMBs is launched with this release. See QualysGuard Express Lite features.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu

0

A new release of QualysGuard, Version 7.9, will be available in production for the QualysGuard EU Platform on May 10, 2013.

 

This release will be installed in production as part of the platform upgrade that will happen on May 9, 2013 during a 12-hour downtime starting at 19:00 UTC and ending at 7:00 AM UTC next day, and that have been announced here .

 

QualysGuard 7.9 includes enhancements to QualysGuard Cloud Platform, Vulnerability Management, Policy Compliance, SCAP and API.

 

Summary of the new features:

 

QualysGuard Cloud Platform Enhancements

Split Vulnerability Management (VM) and Policy Compliance (PC)

Vulnerability Management (VM) and Policy Compliance (PC) have been split into individual licenses. This means you can now have subscriptions with PC only or give individual users access to PC only.

 

Lieberman Enterprise Random Password Manager (ERPM) Support

Users now have the option to leverage their existing Lieberman Enterprise Random Password Manager (ERPM) vault for QualysGuard authenticated scans – vulnerability scans and compliance scans.

Screen Shot 2013-04-01 at 15.34.38 .png

Improved Support for IPv6 Scanning

We’ve improved support for scanning IPv6 hosts on your internal network using QualysGuard Scanner Appliances. You can choose to enable IPv6 scanning per appliance. Also for each appliance, you have the option to configure a static or dynamic IPv6 address for scanning.

Screen Shot 2013-04-01 at 15.39.44 .png

 

Improved Purge Host Workflow

The purge host workflow has been improved to include additional details. There is now a multi-step confirmation, which clearly identifies the type of data to be deleted (vulnerability data, compliance data or both) and the total number of hosts included in the purge operation.

Screen Shot 2013-04-01 at 15.39.57 .png

 

Session Expiration Warning

You will now see a warning before your session expires due to inactivity. When you see the warning, simply click “I am here!” and you can continue your work without interruption. If your session does expire then you’ll be prompted to log back in.

Screen Shot 2013-04-01 at 15.40.13 .png

 

QualysGuard VM Enhancements

Added Oracle DB Instance to Vulnerability Information

With this release you can view the Oracle DB instance a vulnerability was detected on. This information appears in scan reports when an Oracle authentication record was used for scanning. The Oracle DB instance includes the technology name, SID and port number like this: Oracle9:ora9206p:1521

 

Automatically Reopen a Single Ignored Ticket

The manual Ignore Vulnerability workflow available from the vulnerability reports has been enhanced with a new option to reopen the ticket associated with the ignored vulnerability in a set number of days that you specify. As a reminder, This function has been added to the automatic remediation policy in QualysGuard 7.5 in 2012.

 

Support for Microsoft Document (DOCX) Report Format

You can now run and download reports in Microsoft Word Open XML Document (DOCX) format. After saving a report in DOCX format, open it in Microsoft Word and customize the content as needed.

 

Unlimited number of IP addresses in the Excluded Hosts list

When you download the excluded hosts history to CSV or XML, the downloaded report will display the full list of IPs for each new action. In previous releases, the IPs list was truncated when more than 4,000 characters were included.

 

Dynamic Search Lists - Type Directly into Date Fields

When setting criteria for a dynamic search list you can now type directly into the date fields (Service Modified, User Modified and Published).

Screen Shot 2013-04-01 at 15.40.29 .png

 

Option Profiles - Enter up to 1500 Additional UDP Ports

The number of UDP ports you can enter into the Additional field in your scan options increased to 1500 ports.

 

Scorecard Reports - Default Format Changed to HTML

When running vulnerability scorecard reports, HTML is now the default report format. You can choose a different format when generating the report.

 

QualysGuard PC and SCAP Enhancements

New Policy Editor

This releases introduces a new policy editor with a new wizard for policy creation which will replace the current Policy Editor layout. Both workflows will initially be available, this new policy editor will be labeled as “Beta”.

 

The new policy editor is designed to be user-friendly with intuitive workflows and scalable for large policies, it includes a number of new functionalities:

  • Quick overview pane with the number of controls, the number of sections, the technologies associated, the applied groups, and more
  • Drag and drop of sections and controls
  • Quick search to directly access the control configuration page
  • Reference field to map a Qualys controls (CID) to authority documents or internal policies
  • New search control window only shows controls that are relevant to the policy
  • Quick navigation between controls using the arrow keys

New Policy UI main page.png

New Policy UI Section View.png

New Policy UI Control View.png

 

Run a Policy Report on a Single Host Instance

This release introduces the ability to generate a Policy Report for a single host or a single database instance. When a host is scanned, there may be multiple technologies detected and multiple instances of those technologies. By using this new reporting feature you can quickly generate a report on a single host or a single database instance that you select at run time.

Instance Report 1.png

Instance report 2.png    

 

Support for SCAP 1.2 Content

Using the PC/SCAP module, now you can perform SCAP scans to check compliance against SCAP 1.2 content as defined by SCAP 1.2 Specifications (http://scap.nist.gov/revision/1.2/) provided by NIST (http://www.nist.gov/index.html), in addition to SCAP 1.0 content.

SCAP Import.png

 

QualysGuard API Enhancements

Additional details about the API feature in QualysGuard 7.9 can be found here.

 

New API v2 to launch and delete VM scan

The “Vulnerability Scan” API v2 (/api/2.0/fo/scan/) is used to manage vulnerability scans. With this release we’ve added support for launching (new action=launch) and deleting vulnerability scans (new action=delete). The POST method is used to launch and delete scans. Also we’ve updated permissions for this API so now any user with permission to scan hosts in their account (not just Managers) also has permission to cancel pause and resume scans.

 

New Oracle Database Instance name in XML outputs

With this release users can view the Oracle DB instance a vulnerability was detected on. This information appears in scan reports when an Oracle authentication record was used for scanning. Multiple scan report DTDs have been updated to show vulnerability instance information:

  • Scan results DTD "scan-1.dtd" used by:
    • Ouput of API "/msp/scan.php”
    • Ouput of API "/msp/scan_report.php"
    • XML scan results downloaded using the User Interface
  • Scan report DTD "asset_data_report.dtd" used by:
    • Output of API "/msp/asset_data_report.php"
    • XML vulnerability reports downloaded using the User Interface
  • Vulnerability detection DTD "host_list_vm_detection_output.dtd" used by:
    • Output of API "/api/2.0/fo/asset/host/vm/detection/?action=list"
  • Host information DTD "get_host_info.dtd" used by:
    • Output of API "/msp/get_host_info.php"
  • Ticket list output DTD "ticket_list_output.dtd" used by:
    • Output of API "/msp/ticket_list.php"

 

“New Restricted IPs” API v2 – Manage Restricted IPs in the Subscription

The new “Restricted IPs” API v2 (/api/2.0/fo/setup/restricted_ips/) gives Managers (users assigned the Manager role) the ability to manage and update the list of restricted IPs within their subscription so this list stays in sync with their organization’s security policy.

 

“Ignore Vulnerability” API v1 – Reopen Ignored Vulnerabilities

Using the “Ignore Vulnerability” API v1 (/msp/ignore_vuln.php), users have the ability to set a “reopen after date” to reopen ignored vulnerabilities that are detected after a certain number of days (1-730) using the new input parameter “reopen_ignored_date”.

 

“Host Asset” API v2 – New Scan Date Filtering Parameters

The “Host Asset” API v2 (with the endpoint /api/2.0/fo/asset/host/) allows users to view hosts last scanned for vulnerabilities and/or compliance since a certain date. These new input parameters are now available: “vm_scan_since” and “compliance_scan_since”. These functions are already availalable for the “detection” API (/api/2.0/asset/host/vm/detection/).

 

“Report” API v2 – Support for DOCX Format

With this release users have the ability to create and download reports in Microsoft Word Open XML Document (DOCX) format using the “Report” v2 API (/api/2.0/fo/report/).

 

New “SCAP ARF Report” API v2

The new “SCAP ARF Report” API v2 (/api/2.0/fo/compliance/scap/arf/) allows users to create a SCAP scan report in Asset Reporting Format (ARF), a requirement in the SCAP 1.2 Specifications from NIST.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu

0

A new release of QualysGuard, Version 7.8 will be available in production on the QualysGuard EU datacenter on February 28, 2013. This release is completely transparent to users and will require no downtime. The release will occur between 20:00 UTC and 02:00 AM UTC.

 

QualysGuard 7.8 offers these benefits:

  • Discover and scan your Amazon EC2 and VPC assets in new ways, powered by Qualys integrations with Amazon APIs
  • Monitor, measure and compare the remediation performance of different teams in your organization
  • Better identify required patches for Linux
  • Manage private Certificate Authorities
  • Create your custom compliance controls for various Linux distributions

 

Amazon EC2 Asset Inventory and Scanning

New Amazon EC2 Data Connector: Users may now create Amazon EC2 asset Data Connectors, and QualysGuard will continuously import and synchronize their Amazon EC2 and VPC virtual machine Instance inventories into the QualysGuard asset database. Changes to existing instances (e.g., IP addresses) are automatically updated in the QualysGuard asset database. Users simply need to provide a read-only credential for each of their Amazon accounts, and QualysGuard automates the rest through communications with Amazon APIs.

 

Dynamic Asset Tags, which can drive your workflow and reporting throughout QualysGuard, may be automatically assigned to assets as part of the import process. Instance information and metadata (e.g., AMI ID, Instance launch time) about your Amazon EC2 and VPC Instances are also captured and available as data points to inform further Dynamic Asset Tagging within QualysGuard.

 

image00.jpg

 

Pre-authorized Amazon EC2 scanning: QualysGuard 7.8 introduces a new Amazon EC2 Scanning workflow in QualysGuard VM which works in concert with the Amazon EC2 data connector to provide an integrated scanning capability that will effectively target your Instances at their current IP address and prevent accidental targeting of Instances owned by other Amazon customers.  Due to this tight integration, Amazon EC2 Scanning using QualysGuard is pre-authorized by Amazon, allowing on-demand and scheduled scanning in Amazon EC2 and VPC without the need to obtain pre-approval from Amazon through their standard authorization process.

 

In this initial release, the pre-authorized Amazon EC2 Scanning is available for internal private IP scanning in Amazon EC2 and VPC, leveraging an instance of the QualysGuard Virtual Scanner Appliance (Pre-Authorized) which you deploy into your own Amazon account from our AMI (Amazon Machine Image) template posted in AWS Marketplace.

 

image01.jpg

 

QualysGuard Platform Enhancements

Hitachi ID Password Manager (PAM) Support: Users now have the option to leverage their existing Hitachi ID Password Manager for their QualysGuard authenticated scans – for both vulnerability scans and compliance scans of Windows and Unix hosts.

 

Import Trusted Certificate Authorities: The scanner uses public, well known root certificate authorities and intermediate certificate authorities to establish SSL connections and validate SSL certificates. This release introduces the ability for customers to create a list of private certificate authorities for use by the scanner within the customer’s subscription. The scanner will use the custom list of trusted certificate authorities in addition to the well known certificate authorities already used by QualysGuard whenever SSL verification is needed.

Screen Shot 2013-02-07 at 13.41.23 .png

 

Force password change after first login: Managers now have the option to force users to change their password when they log in for the first time. This is a subscription level option that affects all new user accounts.

 

Scheduled Scan Improvements: Scheduled scans will not be deactivated when asset tags don’t resolve to hosts at launch time. QualysGuard skips the scan and sets the next launch date to the future. You’ll notice the skipped scan appears in the activity log for your reference.

 

Change email address that sends notifications: Scheduled scan e-mail notifications will no longer be sent from the e-mail address "support [at] qualys.com” in an effort to keep these notifications from being mistaken for spam. These emails will now be sent from “qualys [at] qualys.com".

 

Enhancement to Data Lists: This release provides the ability to resize columns of the data lists throughout the UI, and view number of selected rows and clear selections in the action button.

 

Support of Static IPv6 for Scanner Appliance LAN interface: Use the QualysGuard UI to set up a static IPv6 address to the LAN interface of the scanner appliance when the WAN interface is used to connect to the QualysGuard Cloud Platform.

Note: This feature will be exposed in the UI after an automatic appliance upgrade that will be pushed in March 2013.

 

QualysGuard VM Enhancements

New Vulnerability Scorecards With Goals and Management Metrics: In this release, users can create new Scorecard templates to monitor the performance of the various teams in charge of the remediation of the vulnerabilities that must be fixed per the company security policy. Goals can also be created to quickly review the overall risk posture of different groups or Business Units. And additional vulnerability management metrics allow managers to do a better job at tracking the remediation efforts of the company.

bug_vm_report_tags.jpg

 

scorecard_report_mid.jpg

 

Non-Running Linux Kernel Filtering in Patch Report: This release introduces a new filter "kernel filtering" in the patch report templates. When "kernel filtering" is enabled, then only patches for vulnerabilities detected on the active/running Linux kernels are included in the report.

 

Legacy Compliance Information in QIDs Has Been Deprecated - use QualysGuard Policy Compliance instead: The ability to search for and report on vulnerabilities (QIDs) based on compliance information for CobIT, HIPAA, GLBA and SOX has been deprecated. This functionality will be completely removed from the application in a future release. Note that you can still search for QIDs associated with PCI Compliance.

 

QualysGuard PC Enhancements

Additional Unix Technologies Added to User Defined Controls: In this release additional Unix technologies have been added: CentOS 6.x, Oracle Enterprise Linux 6.x, Red Hat Enterprise Linux 6.x, and Ubuntu 10.x, 11.x, 12.x.

 

QualysGuard API Enhancements

Full details about the API feature in QualysGuard 7.8 can be found here.

 

VM Scan Results in XML: With QualysGuard 7.8, XML scan results show tags resolved to host assets when Asset Tagging is enabled for the subscription and a user runs a report using asset tags. This XML output can be downloaded manually using the User Interface, or directly using the API "scan_report.php" and the DTD "scan-1.dtd" was updated.

 

CIDR support to “asset_ip” API v1 and add an unlimited number of IP: The API v1 "/msp/asset_ip.php" now allows users to add IP ranges using the CIDR notation which may be used to virtually add an unlimited number of IP addresses (if subscription permits). For example, an entire class A network can be added by using "10.0.0.0/8".

 

CIDR supports to "asset_group" API v1: The API v1 "/msp/asset_group.php" now support CIDR notation to easily create and update asset groups using the API.

 

"detection" API Update To  Exclude Vulnerabilities Found on Non-Running Kernels: The “Detection” API v2 (/api/2.0/fo/asset/host/vm/detection/) gives API users the ability to obtain “automatic” vulnerability detection data that can be easily imported into a third party solution. For QualysGuard 7.8 users can specify the new “active_kernels_only=1” parameter to exclude vulnerabilities found on non-running Linux kernels from the XML output. This new parameter is available to users who have the New Data Security Model enabled for their subscription.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

Notifications for the QualysGuard releases in the US datacenter are posted here: https://community.qualys.com/community/notifications-us

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu/

0

A new release of QualysGuard, Version 7.7, will be available in production on the QualysGuard EU datacenter on January 3, 2013.

The deployment of this release is completely transparent to users (no downtime) and will occur between 20:00 UTC and 02:00 UTC next day.

 

QualysGuard 7.7 includes enhancements to Asset Tagging, QualysGuard Cloud Platform Enhancements, Policy Compliance and API.

 

Enhancements to Asset Tagging

 

Improved Tag Selector: The tag selector has a new look and feel and optimized functionality to search for specific tags you want to use for your reports, asset search and scans. You can choose between 2 views: the first view presents your favorite and most used tags and the second view give you access to the full tag hierarchy.

 

Screen Shot 2012-12-04 at 19.57.19 .png

 

Screen Shot 2012-12-04 at 19.57.24 .png

 

Advanced Tag Selections: Users have the ability to make more complex tag selections when choosing tags for scanning, reporting and asset search. You can now choose tags that identify hosts you want to include in the target and hosts you want to exclude from the target. You also decide whether you want to match any (logical OR) of your selected tags or all (logical AND) of your selected tags.

 

Scan All IP Addresses Defined in Tags: You now have the option to scan all IP addresses defined in dynamic tags defined by IP ranges. When launching or scheduling a scan, you’ll see an option “Use IP Network Range Tags”. This means you can scan all IP addresses defined in selected tags. Note that only tags with the IP address rule (called “IP Address In Network Range(s)”) can be selected with this option.

 

Asset Tag Information Displayed in Reports: Asset tags are now displayed in scan reports and asset search reports. Note that you must run a report using tags to see tags in the report output.

Screen Shot 2012-12-04 at 20.02.29 .png

Screen Shot 2012-12-04 at 20.02.37 .png

QualysGuard Cloud Platform Enhancements

 

Support for SAML 2.0 Single Sign On: The QualysGuard service now supports SAML SSO for user authentication. This gives you full control over the authentication of hosted user accounts that can access our cloud security services. Using SAML, Qualys acts as a Service Provider and your organization’s SSO solution acts as an Identity Provider that manages usernames, passwords and configurations used to authenticate users for our services.

 

Agentless Host Tracking: The new "Agentless Tracking" feature allows customers to track hosts by a unique host ID, instead of relying on the IP address (or DNS name or NetBIOS name) to identify the host.

In QualysGuard 7.7, when enabled, the service will tag target Windows and/or Unix hosts with a unique host ID during the scanning process and reports on the host ID for the current and future scans of the same host. This provides a scan option for customers who would like to scan systems with multiple IP addresses and parse the results in order to manually consolidate all vulnerability data for a unique host ID.

This is the first implementation of the Agentless Host Tracking feature. It requires manual processing of the scan results by the user. In the future, QualysGuard will be able to use this unique host ID for automatic host tracking.

 

Significant Updates to Virtual Scanner Appliance:  The QualysGuard Virtual Scanner Appliance feature set has now been effectively standardized across all platform distributions, and all distributions have the most advanced feature set available.  A single virtual scanner deployment workflow is now provided to the user, as the previous “Consultant” and “Enterprise” designations have been retired.  Users are also presented with a new scanner image distribution matrix, which aids the selection of the appropriate distribution for your platform.

 

Screen Shot 2012-12-04 at 19.45.29 .png

QualysGuard Policy Compliance (PC) Enhancements

 

New Compliance Policy Library page: In QualysGuard 7.7, the Compliance Policy Library has been updated to include search functionality and pagination to help users more easily find the policies they’re interested in. 

 

image-1.png

 

 

Support for Windows 8 and Windows 2012 Server Technologies:  In QualysGuard 7.7, the Compliance Policy Library now provides the ability to build User Defined Controls (UDCs) and  policies for both Windows 8 and Windows 2012.

 

Unix File Content Check – Increased Amount of Data Returned: When returning the Actual value for a control, the service will truncate the value in cases where the data returned from the control evaluation exceeds a set limit. This limit was increased for Unix File Content Check user defined controls from 4000 bytes of data to a maximum of 16000 bytes of data.

 

QualysGuard API Enhancements

Full details about the API feature in QualysGuard 7.7 can be found here.

 

Detailed Asset Tag Information added to XML Reports: With QualysGuard 7.7, XML reports show tags resolved to host assets when a user runs a report using asset tags.

 

Improvements of “PC Scan” API v2 for Asset Tag Selection: The API v2 "/api/2.0/fo/scan/compliance/" with "action=launch" allows users to launch compliance scans using asset tags. QualysGuard 7.7 will now allows users to launch scans using more complex tag selections (match any tags, include and exclude tags) and launch scans on IPs defined in tags.

 

Support for Agentless Tracking added to “Scan Authentication” API v2: Windows authentication API "/api/2.0/fo/auth/windows/" and Unix authentication API "/api/2.0/fo/auth/unix/" have been updated to support the new Agentless Tracking feature presented above.

 

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu

0

 

A new release of QualysGuard, Version 7.6, will be available in production on the QualysGuard EU datacenter on December 4, 2012. This release is completely transparent to users and will require no downtime. The release will occur between 20:00 UTC and 02:00 UTC next day.

 

QualysGuard 7.6 includes enhancements to Vulnerability Management, Policy Compliance and the API.

 

QualysGuard Vulnerability Management (VM) Enhancements

 

Support for authenticated scanning for IBM DB2 database: This release introduces the ability to authenticate to IBM DB2 database instances during vulnerability scans which enhances the fingerprinting of the version and the scanning capability. IBM DB2 authentication was formerly only supported for compliance scans.

 

QualysGuard Policy Compliance (PC) Enhancements

 

New Unit Manager extended permission: Managers now have the ability to grant individual Unit Managers permission to create, delete and edit compliance policies for hosts in their business unit. Now, business units can perform their compliance scans and reports independently, while the managers can generate reports across all business units.

Screen Shot 2012-11-10 at 4.24.27 PM.png

 

QualysGuard API Enhancements

 

Full details about the API feature in QualysGuard 7.6 can be found here.

 

Update to “/api/2.0/fo/auth/db2/” API to support authenticated VM scans of IBM DB2 database: A new request parameter for this API, called “pc_only” can be used to configure DB2 authentication records for PC scans only (pc_only=1) or for both PC and VM scans (pc_only=0).

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu/ .

 

 


0

A new release of QualysGuard, Version 7.5 will be available in production on the QualysGuard EU datacenter on October 23, 2012. This release is completely transparent to users and will require no downtime. The release will occur between 19:00 PM UTC and 01:00 AM UTC next day.

 

QualysGuard 7.5 includes several enhancements to the QualysGuard Cloud Platform, Vulnerability Management, Policy Compliance and API.

 

QualysGuard Cloud Platform Enhancements

 

Support for Continuous Scanning: This new type of scan allows users to configure a scheduled scan task to automatically launch a new scan once the previous instance finishes. This gives users the ability to easily perform continuous type of scanning (VM and PC) across their network.

 

Option to Prevent Overlapping Scheduled Scans: With this option the service will prevent a new instance of a schedule scan from starting when the previous instance is still running.

 

New Scanner Calendar: The new scanner calendar now provides users with an immediate insight into scans and maps activity for a single scanner appliance. The calendar provides a visual layout of scans for the selected scanner. This complements the scanning calendar released in 7.4. It helps users review and analyze past and scheduled scans and identify potential scans' schedule conflicts for a single appliance.

Screen Shot 2012-10-04 at 13.10.32 .png

 

New Scanner Appliance capacity chart: In this release, the scanner appliance information page will display a chart to report on the capacity of the appliance for the past 7 days.

Screen Shot 2012-10-04 at 13.05.39 .png

 

Improvements to the Appliances List: The Appliances list includes several improvements to help users understand the status of each appliance and to see its available capacity for scanning. In addition, the associated downloadable data list has been updated to reflect these changes.

Screen Shot 2012-10-04 at 13.12.24 .png

 

Improvements to the Scans List: The Scans list for VM and PC includes several improvements to provide additional scan information at a glance. New icons identify the scan status combined with the processing status, and the preview pane provides a summary of the results. The associated downloadable data list has been updated to reflect these changes.

Screen Shot 2012-10-04 at 13.12.05 .png

Passwords for Database Authentication Records can now be stored in Password Vaults: When creating database authentication records, such as Oracle, MSSQL and DB2, users now have the ability to store passwords in password vaults supported by QualysGuard, including Cyber-Ark, Thycotic, Quest TPAM and CA Access Manager. These records are used for both vulnerability and compliance trusted scans.

 

Managers and Unit Managers can now manage Report Distribution Groups created by other users: Distribution groups are used for sending out report notifications to list of e-mail addresses.  In QualysGuard 7.5, Managers and Unit Managers now have the privileges to manage the distribution groups created by their sub-users.

 

Restrict Unit Managers from Adding Virtual Scanner Appliances:  Managers now have the ability to remove the privilege to add virtual appliance from any Unit Manager within the subscription.

 

QualysGuard Vulnerability Management (VM) Enhancements

 

Updates to remediation workflow to provide better flexibility in vulnerability exception handling capabilities: In this release, we made multiple important changes to the remediation functions to help customers to better manage exceptions for vulnerabilities that cannot be fixed or need to be ignored for many reasons. This will improve the way QualysGuard can support exception management for risk acceptance processes and prioritization of their remediation efforts.

 

These enhancements will allow customers to:

  • Automatically ignore vulnerabilities for assets or asset groups by creating tickets in closed/ignored state.
  • Set an expiration date for closed/ignored tickets and QualysGuard will automatically reopen these tickets upon the expiration date.

 

By ignoring vulnerabilities to handle exceptions, associated remediation tickets will always be created for documentation and tracking.

 

New Remediation policy rule to automatically create tickets in the Closed/Ignored state: Users can now define a remediation policy rule that will result in tickets being created in the Closed/Ignored state to support the improvements described above. An optional expiration period can be configured to automatically reopen the ticket and the vulnerability in a set number of days.

 

Batch edit Closed/Ignored tickets to set expiration period: It is a good practice to review on a regular basis the ignored vulnerabilities. In this release, new options are available to bulk edit Closed/Ignored tickets to set a number of days before tickets and vulnerabilities are reopened, so they can be included back into the remediation process.

 

Support for OPatch “invPtrLoc” parameter for Oracle Database scans: The “invPtrLoc” parameter is now supported for OPatch detections within the Oracle authentication record settings. This allows users to identify a custom inventory for patches by entering the path to the oraInst.loc file within the Unix parameters section.

 

QualysGuard Policy Compliance (PC) Enhancements

 

Restrict Scan to Multiple Policies: Users have now the ability to restrict compliance scans to multiple policies (up to 10 instead of 1 in prior releases). When the option “Restrict by Policies” is selected, the service will only retrieve the data points required for the controls contained in the policies selected.

 

New User Defined Control (UDC) for Share Access Check: This release introduces a new Windows type of UDC called Share Access Check. This control returns a list of readable shares and directories accessible by certain users.

This new control can typically to used to:

  • Identify shared folders accessible by everyone including non-authenticated users
  • Verify that specific users or user groups do not have access to restricted folders
  • Audit a specific user in a case of an incident, and identify all shared folders accessible across a large number of servers

 

Scans performed with non-admin privileges will now be processed: On Windows host only, the QualysGuard Service will now process data points retrieved during a scan using non administrator type of account. This provides new users the ability to quickly perform test scans, or for advanced users the ability to create a new non-admin role used for all Qualys scans.

 

New host OS information in Policy Reports: In this release, the Compliance Policy Report will now present the OS information for each host in the Host Statistics section.

 

New section to display Authentication Issues in PC compliance reports: In this new release, compliance reports will include a new section called "Scan Authentication" that will help users troubleshoot scan authentication issues by presenting the list of hosts for which the authentication have failed during the scan and the reason why it failed.

Screen Shot 2012-10-04 at 14.06.25 .png

QualysGuard API Enhancements

 

Full details about the API feature in QualysGuard 7.5 can be found here

 

New API to launch Policy Compliance scans: “/api/2.0/fo/scan/compliance/” with “action=launch”

 

Update to “scan_list_output.dtd” DTD for XML output of the new “/api/2.0/fo/scan/compliance/?action=list” API request only

 

Update to Policy Compliance XML scan results with a new section to show scan authentication issues

 

Update to Policy Compliance XML reports generated with the UI or the API “/api/2.0/fo/report/?action=fetch”.  <HOST_STATISTICS> section now contains the Operating System information

 

Update to “/api/2.0/fo/auth/oracle/” API with a option to support “invPtrLoc” file path

 

Update to “/msp/ticket_edit.php” API with a new option to support reopen date

 

“/msp/scheduled_scans.php” XML output updated to show continuous tasks

 

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account

0

A new release of QualysGuard®, Version 7.4, will be available in production on the QualysGuard EU datacenter on September 11, 2012. The deployment is completely transparent to users and will require no downtime. The release will occur between 19:00 UTC and 01:00 AM UTC next day.

 

QualysGuard 7.4 includes several enhancements to QualysGuard Cloud Platform, Vulnerability Management, PCI Compliance, Policy Compliance and API.

 

QualysGuard Cloud Platform Enhancements

 

A New Scan Calendar provides users with an immediate insight into scans and maps activity. The calendar keeps record of all maps and scans that have been performed in the past, and also gives visibility on scheduled tasks that are coming in the future. This is a great tool that simplifies the creation of an efficient scanning strategy by helping users to visualize when scan are not launched during the allowed scan windows, or when appliances are used for multiple jobs at the same time.

 

Support for Computer Associates Access Control Enterprise Manager: Users now have the option to store host’s passwords into their existing Computer Associates Access Control (CA AC) to run QualysGuard authenticated scans – for both vulnerability scans and compliance scans of Windows and Unix systems.

 

QualysGuard Vulnerability Management (VM) Enhancements

 

Remote Discovery of VMware ESX and ESXi Vulnerabilities: QualysGuard VM has improved and streamlined its interaction with VMware vSphere. Both VMware vSphere ESXi and ESX hosts running version 4.0 or greater are now fully assessed for vulnerabilities through an unauthenticated communication with the vSphere API on port 443 (by default, but this is configurable) of the targeted hosts. This represents a change for existing QualysGuard Vulnerability Management users who have been scanning VMware ESX targets, specifically.

 

Advanced Search Capabilities for Dates in the Vulnerability Knowledge Base and Search Lists: Now users can create search queries such as “past 60 days” or “past month” for the Published Date, Service Modified Date and User Modified Date, so it becomes easy to generate reports that only focus on a specific time frame such as the past month, without the need to manually edit the filters.

 

Scan by DNS Name using External Scanners: with this feature, users can launch VM scans on their internet hosts by only providing the Fully Qualified Domain Name (FQDN) of the hosts instead of the IP addresses. At scan time the scanner with perform a DNS query to discover the IP addresses before launching the scan.

 

Microsoft Patch Tuesday Predictions - Beta: QualysGuard predictive analytics engine provides users with vulnerability predictions and analyzes whether systems are vulnerable to attacks without the need to perform a new scan. A complimentary new dashboard widget called “New MS Patch Releases” leverages the predictive analytics engine for Microsoft Patch Tuesday vulnerabilities to give users a preview into the risk of the most recent vulnerabilities associated with Microsoft security bulletins, also without the need to perform scans.

 

PCI Compliance Enhancements

 

Introducing QualysGuard Express PCI: With QualysGuard 7.4 we are introducing Express PCI which is a dedicated VM service for QualysGuard Express customers who want to meet PCI compliance, per the current PCI DSS requirements from the PCI Council.

 

Reasons for PCI Compliance Status: The reasons for passing or failing PCI compliance are included with vulnerability information in the KnowledgeBase and in the PCI Technical Report, to help you understand compliance status for vulnerabilities detected by the service. These reasons apply to external PCI scans. The service is compliant with the requirements from the PCI Council, described in the PCI ASV Program Guide.

 

QualysGuard Policy Compliance (PC) Enhancements

 

CIS Certification in Policy Reports: In this release, Compliance Policy reports will automatically present the CIS Certified logo when using a locked CIS Certified Policy imported from the policy library. This will provide auditors the assurance that the report was built using one of the QualysGuard CIS Certified Policy.

 

New Error Status in Compliance Dashboard and Reports: PC now reports the new “Error” status for User Defined Controls (UDCs) in cases an error occur during control evaluation at scan time. The Error status is shown in PC Dashboard and compliance reports. In addition, users also have the option to mark evaluation errors as “Passed”. This can be used in situations where UDCs might not be applicable, such as software not installed, and data point cannot be found.

 

Host Last Scan Date Added to Policy Reports: The Host Statistics section of policy reports now includes the last scan date for each host included in the report.

 

New List of Policies in Controls Details: A new policy tab in the control (CID) information window shows the policies the control is used in.

 

Policy Search by CID: Users can search policies for specific CIDs.

 

QualysGuard API Enhancements

 

New API to manage VMware Authentication record: The new API provides the ability to create, delete or modify VMware authentication records used for authenticated scans. This can be highly valuable in dynamic environment where newly provisioned servers need to undergo a compliance scan automatically.

 

New FDCC Policy List API: This new API provides the ability to list all available FDCC policies. This function can be used in conjunction with the Cyberscope API to generate reports based on specific FDCC policies.

 

Reasons for PCI Compliance Status Added to the Knowledge Base API Output (v1 and v2): Reasons for failing PCI requirements for impacted vulnerabilities are now returned in the XML output of the “knowledgebase download” API v1 and v2.

 

Hosts Last Scan Date and Error Status Added to the XML Output of the Posture API: To reflect the enhancements of User Interface, the XML output of the posture API has been updated with the Host Last Scan Date and the Error status information.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

0

A new release of QualysGuard®, Version 7.3, will be available in production on the QualysGuard EU datacenter on July 25th, 2012. This release is completely transparent to users and will require no downtime. The release will occur between 19:00 UTC and  01:00 UTC next day.

 

QualysGuard 7.3 includes several enhancements to QualysGuard Cloud Platform, Vulnerability Management, Policy Compliance and API.

 

QualysGuard Cloud Platform enhancements

 

QualysGuard Virtual Scanner Appliance for Amazon EC2 and VPC: We are pleased to announce that the QualysGuard Virtual Scanner Appliance is now listed in the AWS Marketplace to simplify the access and provisioning procedures of the virtual scanners specifically built for scanning your Amazon EC2 and VPC instances. More details are available here.

 

Quest One Privileged Password Manager (formerly e-DMZ PAR) Support: Users now have the option to leverage their existing Quest One Privileged Password Manager (formerly e-DMZ PAR) for their QualysGuard authenticated scans – for both vulnerability scans and compliance scans of Windows and Unix hosts.

 

Support for VMware Authenticated Scanning and Mapping: Using QualysGuard 7.3 users have the ability to perform authenticated scans and maps of VMware vSphere components running ESXi 4.x and 5.x. The new VMware authentication record type is used to define settings for authenticated maps and scans. Authenticated scanning is supported for vulnerability scans and compliance scans.

 

QualysGuard Vulnerability Management (VM) Enhancements

 

Exclude Detections Found on Non-Running Linux Kernels in Vulnerability Reports: To help user in the process of prioritizing linux vulnerabilities, an option to exclude non-running Linux kernels from scan reports has been added to QualysGuard 7.3. When this option is selected in the scan report template, vulnerabilities found on non-running Linux kernels will be excluded from the scan report in order to only report on the vulnerabilities found on the actual running kernel that are most likely easier to exploit.

 

Support for Quarterly PCI Internal Scans: Per PCI DSS v2.0 requirement 11.2.1 and 11.2.3, PCI Council requires merchants to perform quarterly internal vulnerability scans and obtain a passing scan. And per requirement 6.2, the PCI Council requires merchants to establish a process to identify and assign risk rankings for newly discovered security vulnerabilities, and to ensure all High ranking vulnerabilities are fixed.  With QualysGuard 7.3, new specific reporting capabilities have been added to report on High ranking vulneraiblities and help in the remediation process.

 

QualysGuard Policy Compliance (PC) Enhancements

 

New Compliance Quick Start Guide: The new Compliance Quick Start Guide for Manager users provides helpful information to get started with running compliance scans and building policies for reporting. Check it out by selecting “Quick Start Guide” in your user menu.

 

User Defined Custom Control support for Windows WMI: PC User Defined Controls (UDC) coverage has been extended to check compliance of Windows hosts on specific configuration items available through WMI queries.

 

User Defined Control Default Values for Control Technologies: New in QualysGuard 7.3, UDC can be created with a default expected value. So when UDCs are inserted into a complinace policy, the expected value will be automatically set to the default value. An option to lock these UDC default values has been added if you don't want users to be able to change them in the while editing policies.

 

Improved Evidence Display in Compliance Reports: In QualysGuard 7.3, compliance reports have been enhanced for easier analysis of the evidence shown for controls. The expected value shows the control settings from the policy in an easy to understand format and a check mark indicates the value selected in the policy.

 

New Compliance Reports Workflow: This release introduces a new and easy workflow for generating compliance reports

 

QualysGuard API Enhancements

 

Enhancements to “appliance” v2 API: The “appliance” API v2 (/api/2.0/appliance/), which returns configuration information about the virtual and physical scanner appliances associated with a QualysGuard subscription, has been updated to return additional information that is already available from within the QualysGuard user interface. In QualysGuard 7.3, additional appliance information is returned in the XML output when the input parameter “output_mode=full” is provided. More information are available here.

 

New VMware Authentication Record API: Using QualysGuard 7.3 users have the ability to perform authenticated scanning and mapping of VMware vSphere components running VMware ESXi 4.x and 5.x. The new VMware authentication record type supports both authenticated scans and maps. The new VMware authentication record API (/api/2.0/fo/auth/vmware/?action=list) allows users to obtain a list of VMware authentication records in their account.

 

New Parameters for Cyberscope Report API: With this release the Cyberscope API functions support new input parameters to allow users to customize the required "OrganisationName" elements that are returned in the XML output.

 

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

0

A new release of QualysGuard®, Version 7.2, will be available in production on the QualysGuard European datacenter on June 19th, 2012. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 19:00 UTC and 01:00 UTC next day.

 

QualysGuard 7.2 includes several enhancements to Asset Management, Vulnerability Management, Policy Compliance and API.

 

General Availability of QualysGuard Asset Management and Tagging

 

QualysGuard Asset Management module, featuring the Dynamic Asset Tagging engine is now available to all customers. New capabilities include:

 

  • Scan, Report, and search hosts by Asset Tags: QualysGuard Vulnerability Management (VM) has integrated asset tagging into its core features and workflows.  Users are now able to leverage static and dynamic asset tags in scanning and reporting workflows and also extends to scorecards, remediation reports, and Asset Search.

 

  • Asset inventory search: The user can now search for hosts by specific attributes such as operating systems, applications, and open ports and services based on the data collected from the scans and indexed by the tagging engine.

 

QualysGuard Vulnerability Management (VM) Enhancements


Applications, Ports and Services Inventory: Computer attackers look in target organizations for vulnerable versions of software that can be remotely exploited.  The new data security model enables QualysGuard to unveil what applications and services are installed in your environment through an easy to search inventory.  Users have at their fingertips up to the minute visibility on software and network ingress points so the organization may properly defend and secure their assets.

 

QualysGuard Policy Compliance (PC) Enhancements

 

Support of Cyberscope report: Under the Federal Information Security Management Act of 2002 (FISMA), Governmental agencies are obliged to report on their information security statuses using a common tool called Cyberscope. With QualysGuard 7.2, customers with FDCC module enabled can scan their network and generate Cyberscope compatible XML reports, via new API functions, to meet these requirements.

 

Certified CIS benchmark policies for Microsoft Windows XP: In QualysGuard 7.2, PC users can use the Policy Library to import two new certified CIS benchmarks for:

  • “Microsoft Windows XP Enterprise Desktop Domain Member”
  • “Microsoft Windows XP Enterprise Desktop Standalone”

These two new certified policies will help users to meet CIS security standards by reporting any configuration settings that meet or are in violation with the policy for Windows XP operating systems in a standalone or domain member type of mode.

 

Import/Export capabilities for PC User Defined Controls: QualysGuard PC offers to customers an extensive control library that covers a large range of technologies, regulations, compliance frameworks and benchmarks.

For proprietary configuration settings, PC also offers to users the option to create their own User Defined Controls (UDC) for Windows or Unix operating systems (more information here: https://community.qualys.com/docs/DOC-2943).

The new UDC Import/Export functions available with QualysGuard 7.2 provide the user with the capabilities to:

  • Create UDC in XML using any third party XML editor tool, and import UDC in a QualysGuard PC subscription
  • Export existing UDCs from a QualysGuard PC account to an XML file
  • Share UDCs with other PC users

 

New Default PC Scan Option Profile and Report Template: Starting with QualysGuard 7.2, PC customers will now have the option to use a new default PC scan option profile configured with the most recommended scanning settings and a new default PC report template with the most interesting options preconfigured.

This new default option profile and report template will help new and existing PC customers to easily create scan jobs and generate meaningful reports in few clicks.

 

QualysGuard Platform Enhancements

 

New “Loading” Scan Status: In order to provide customers with a better control and visibility over the scanning activity in QualysGuard, a new “Loading” status has been added to the list of the existing scan status (Queued, Running, Finished, Canceling, Canceled, Pausing, Paused, Resuming) for Vulnerability Management Scans and Maps, Policy Compliances Scans and Web Application Scans.

With this improvement, users can easily tell when scans are in progress, when scan results are being loaded on the platform (status “Loading”), and when scan results are available for viewing (status “Finished”).

 

Improvements to Scan Duration Reporting: The improvements of the internal scanning messaging capabilities, that enable the new “Loading” scan status, also allow with QualysGuard 7.2 to finely report the scan duration by only counting the time when the scanners are performing a scan job. The time taken to load the scan results from the scanners to the platform are not anymore counted in the scan duration.

 

QualysGuard API Enhancements

 

New “Loading” Scan Status: Similar to the new “Loading” status displayed in the User Interface to inform users on the progress of scans and maps, the “Loading” status is also displayed in the output of the following APIs:

  • Scans List API v2: “/api/2.0/fo/scan/?action=list” (scan_list_output.dtd)
  • WAS Scans List API v2: “/api/2.0/fo/scan/was/?action=list” (was_scan_list_output.dtd)
  • Scan Reports List API v1: “/msp/scan_report_list.php” (scan_report_list.dtd)
  • Map Reports List API v1: “/msp/map_report_list.php” (map_report_list.dtd)
  • Running Scans List API v1: “/msp/scan_running_list.php” (scan_running_list.dtd)
  • Scan Results Report API v1: “/msp/scan_report.php” (and XML scan results download from the user interface - scan-1.dtd)

 

Please note that no DTD has been altered to support this enhancement. The “Loading” status is a new possible value for the existing XML nodes used to provide Status information. Full information is provided in the API release note.

 

Updated to Oracle Authentication API: With QualysGuard 7.2 users of Oracle Authentication API (/api/2.0/fo/aut/oracle) now have the ability to define new input parameters to enable OS-dependent checks for compliance scans of Windows and Unix hosts, and to enable OPatch support for compliance scans of Unix hosts.

The XML output from a Oracle record list request includes the new scan parameters. The oracle_auth_list_output.dtd was updated.

 

Report DTD Updates to Support Asset Tagging when available: Using the new Asset Management and Tagging module, user now have the ability to create reports by selecting asset tags for the report source using the QualysGuard user interface, when the Asset Tagging feature is turned on for their account. These report DTDs were updated to include asset tags: Asset Data Report (asset_data_report.dtd), Asset Search Report (asset_search_report.dtd) and Compliance Policy Report (compliance_policy_report.dtd).

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

0

A new release of QualysGuard®, Version 6.24, will be available in production on Tuesday, February 7, 2012. This release is completely transparent to users and will require no scheduled downtime. The release will occur between  20:00 GMT(12 PM PST) and 02:00 AM GMT next day (6 PM PST).

 

QualysGuard 6.24 includes several enhancements including Virtual Scanners general availability and enhancements to Policy Compliance, API and platform capabilities:

 

QualysGuard Virtual Scanner Availability:

 

QualysGuard 6.24 includes the full release of the QualysGuard Virtual Scanner Appliance. The consultant version is easily deployed onto VMware (Workstation, Fusion, Player), Oracle VirtualBox, and other virtualization platforms, with a user console wizard allowing for a quick initial setup. Also available is an enterprise version provided as a packaged VMware vApp that can be effortlessly deployed into VMware vSphere and vCloud environments, requiring no direct console access to the virtual appliance itself.

 

QualysGuard Virtual Scanner Appliances are available to licensed customers for direct download from their QualysGuard account. For more on licensing, please contact your Qualys Technical Account Manager. For details on provisioning the virtual appliance, please refer to the appropriate user guide in the online help and follow the Qualys Community at https://community.qualys.com.

 

QualysGuard Enhancements:

  • Thycotic Server Integration: QualysGuard 6.24 includes integration with Thycotic Secret Server for authentication against Windows and UNIX assets, permitting customers to keep all authentication credentials used for scanning within their network perimeter.

secret server.jpg

 

  • OS CPE Support: QualysGuard 6.24 allows customers to display operating system information in Common Platform Enumeration (CPE) format, allowing for easier correlation and integration with products supporting that standard.

    cpe.jpg

 

 

 

QualysGuard Policy Compliance Enhancements:

 

  • Host Statistics in Policy Report: The Policy Report includes a new section called Host Statistics which includes a list of hosts in the policy with the percentage of control instances that passed on each host.

 

host statistics report.jpg

 

 

 

 

QualysGuard API Enhancements:

  • Final CVSS Score Added to Asset Data Report DTD: The final CVSS score calculated for each vulnerability detection now appears in the automatic asset data report DTD (asset_data_report.dtd) in the <CVSS_Final> element when the CVSS scoring feature is enabled for the user’s subscription.
  • New Share PCI Scan API: The new Share PCI Scan V2 API (/api/2.0/fo/scan/pci/) provides an automated way to share (export) finished PCI scans to PCI Merchant accounts and check the export status. PCI scans are vulnerability scans that were run with the option profile “Payment Card Industry (PCI) Options”.

 


 

Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.24, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

0

A new release of QualysGuard®, Version 6.22, will be available in production on Tuesday, October 4th 2011. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PDT (19:00 GMT) and 6 PM PDT (01:00 AM GMT next day).

 

QualysGuard 6.22 includes the following enhancements:

QualysGuard Enhancements:

  • Exclude Hosts per Scan: QualysGuard 6.22 introduces the ability to exclude hosts on a per scan basis. Any user with scanning privileges can exclude hosts this way. This feature is supported for all IP-based scans, including vulnerability scans, compliance scans and FDCC scans.  When launching or scheduling a scan, enter the scan target in the Target Hosts section, and then enter the IP addresses/ranges you want to exclude from the scan in the Exclude IPs/Ranges field.

Exclude Hosts per Scan.png

QualysGuard Vulnerability Management Enhancements:

  • Improved VM Dashboard: With QualysGuard 6.22, an improved Vulnerability Management (VM) Dashboard is now available in the New UI. The VM Dashboard provides a one-page summary of your overall security posture.

VM Dashboard.PNG

  • Improved Oracle Patch (OPatch) Detections: OPatch is an Oracle-supplied utility that helps Oracle users apply and rollback patches for Oracle software. QualysGuard 6.22 provides the option to use the OPatch utility to obtain Oracle patch information during Oracle authenticated scans on Unix hosts.  To enable OPatch, create/edit an Oracle authentication record and provide the proper OPatch parameters:

OPatch.png

  • Patch Report Enhancements: With QualysGuard 6.22, the patch report template includes two new enhancements:
    1. The ability to specify how you want the patch severity calculated.
      Patch Severity.png
    2. The ability to selectively filter patches.
      Selective Patch Filtering.png
  • Published Date Added to KnowledgeBase: The KnowledgeBase includes a new column in QualysGuard 6.22 that shows the published date for each vulnerability. The published date is the date the vulnerability was added to the KnowledgeBase.

Published Date - Knowledgebase.pngThe search criteria has also been updated to include the published date for vulnerabilities:Published date - Search.png

QualysGuard Policy Compliance Enhancements:

  • PC Dashboard: QualysGuard 6.22 introduces a Policy Compliance (PC) Dashboard in the New UI. The PC Dashboard provides a one-page summary of your overall compliance status across all policies in your account.

PC Dashboard.png

  • Policy Summary Report: QualysGuard 6.22 also introduces a new Policy Summary report in the New UI.  The new Policy Summary provides a one-page summary of your compliance status for a specific policy. You can view the Policy Summary from the Reports section (Reports > Policy Summary) or link to it from the PC Dashboard (double-click any policy title under Top 5 Passing/Failing Policies).

Policy Dashboard.png

  • Policy Import/Export: QualysGuard 6.22 introduces the ability to import a compliance policy into your account from an XML file and export a compliance policy from your account to an XML file.  To import a policy directly into your account from an XML file, select New >Import Compliance Policy >Import from XML file from Policies:

Policy Import - Large.pngTo export a policy from your account, select the policy and click Export:Policy Export - Large.png

QualysGuard API Enhancements:

  • Exclude Hosts per Scan: With the introduction of the Exclude Hosts per Scan feature in QualysGuard 6.22, the scan.php V1 API and scheduled_scans.php V1 API have been updated to support a new, optional input parameter: "exclude_ip_per_scan".  This parameter takes a comma seperated list of IP addresses/ranges.  In addition, two new V2 APIs have been created to support this new feature:
    1. Excluded Hosts List (api/2.0/fo/asset/excluded_ip/?action=list) allows API users to request a list of excluded hosts.
    2. Excluded Hosts Change History (api/2.0/fo/asset/excluded_ip/history/?action=list) allows API users to request the change history for excluded hosts in the user’s subscription.
  • Asset Group Filtering for Policy Reports: With QualysGuard 6.22, the launch report V2 API (api/2.0/fo/report/?action=launch) has been updated to support a new, optional input parameter: "asset_group_ids".  This parameter takes a comma seperated list of Asset Group IDs.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.22, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

1 2 Previous Next

Bookmarked By (0)

Actions