Skip navigation
1 2 Previous Next

EU Platform

19 Posts tagged with the vm tag
0

An update to QualysGuard, Version 7.12 will be available in production on the QualysGuard EU Platform on December 13, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur on December 12 between 20:00 UTC and 02:00 UTC next day.

 

Release Details: QualysGuard 7.12 Update includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.12 Update.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu.

0

A new release of QualysGuard, Version 7.12 will be available in production on the QualysGuard EU Platform on November 18, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur between 20:00 UTC and 02:00 UTC next day.

 

Release Details: QualysGuard 7.12 includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.12 New Features

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at  https://community.qualys.com/community/notifications-eu

0

An update to QualysGuard, Version 7.11 will be available in production on the QualysGuard EU Platform on October 1, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur between 12 PM PDT (19:00 UTC) and 6:00 PM PDT (01:00 UTC next day).

 

Release Details: QualysGuard 7.11 update includes enhancements to QualysGuard Vulnerability Management (VM). See QualysGuard 7.11 update: New Vulnerability Notification Feature

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu

0

August 27 2013 update: We are currently working on a unplanned platform maintenance that has no impact on the application. As a consequence, QualysGuard 7.11 update will occur on August 28, 2013 between 19:00 UTC and 01:00 UTC next day.

 

Previous announcement:

A new release of QualysGuard, Version 7.11 will be available in production on the QualysGuard EU Platform on August 27, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur between 19:00 UTC and 01:00 UTC next day.

 

Release Details: QualysGuard 7.11 includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.11 New Features

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu

0

A new release of QualysGuard, Version 7.10 will be available in production on the QualysGuard EU Platform on July 9, 2013. This release is completely transparent to users and will require no downtime. The release will occur between July 8 at 19:00 UTC and 03:00 UTC the next day.

 

Release Details: QualysGuard 7.10 includes enhancements to QualysGuard Cloud Platform, Vulnerability Management (VM), Policy Compliance (PC) and API. See QualysGuard 7.10 features.

 

New QualysGuard Express Lite: The new service offering QualysGuard Express Lite for SMBs is launched with this release. See QualysGuard Express Lite features.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu

0

A new release of QualysGuard, Version 7.9, will be available in production for the QualysGuard EU Platform on May 10, 2013.

 

This release will be installed in production as part of the platform upgrade that will happen on May 9, 2013 during a 12-hour downtime starting at 19:00 UTC and ending at 7:00 AM UTC next day, and that have been announced here .

 

QualysGuard 7.9 includes enhancements to QualysGuard Cloud Platform, Vulnerability Management, Policy Compliance, SCAP and API.

 

Summary of the new features:

 

QualysGuard Cloud Platform Enhancements

Split Vulnerability Management (VM) and Policy Compliance (PC)

Vulnerability Management (VM) and Policy Compliance (PC) have been split into individual licenses. This means you can now have subscriptions with PC only or give individual users access to PC only.

 

Lieberman Enterprise Random Password Manager (ERPM) Support

Users now have the option to leverage their existing Lieberman Enterprise Random Password Manager (ERPM) vault for QualysGuard authenticated scans – vulnerability scans and compliance scans.

Screen Shot 2013-04-01 at 15.34.38 .png

Improved Support for IPv6 Scanning

We’ve improved support for scanning IPv6 hosts on your internal network using QualysGuard Scanner Appliances. You can choose to enable IPv6 scanning per appliance. Also for each appliance, you have the option to configure a static or dynamic IPv6 address for scanning.

Screen Shot 2013-04-01 at 15.39.44 .png

 

Improved Purge Host Workflow

The purge host workflow has been improved to include additional details. There is now a multi-step confirmation, which clearly identifies the type of data to be deleted (vulnerability data, compliance data or both) and the total number of hosts included in the purge operation.

Screen Shot 2013-04-01 at 15.39.57 .png

 

Session Expiration Warning

You will now see a warning before your session expires due to inactivity. When you see the warning, simply click “I am here!” and you can continue your work without interruption. If your session does expire then you’ll be prompted to log back in.

Screen Shot 2013-04-01 at 15.40.13 .png

 

QualysGuard VM Enhancements

Added Oracle DB Instance to Vulnerability Information

With this release you can view the Oracle DB instance a vulnerability was detected on. This information appears in scan reports when an Oracle authentication record was used for scanning. The Oracle DB instance includes the technology name, SID and port number like this: Oracle9:ora9206p:1521

 

Automatically Reopen a Single Ignored Ticket

The manual Ignore Vulnerability workflow available from the vulnerability reports has been enhanced with a new option to reopen the ticket associated with the ignored vulnerability in a set number of days that you specify. As a reminder, This function has been added to the automatic remediation policy in QualysGuard 7.5 in 2012.

 

Support for Microsoft Document (DOCX) Report Format

You can now run and download reports in Microsoft Word Open XML Document (DOCX) format. After saving a report in DOCX format, open it in Microsoft Word and customize the content as needed.

 

Unlimited number of IP addresses in the Excluded Hosts list

When you download the excluded hosts history to CSV or XML, the downloaded report will display the full list of IPs for each new action. In previous releases, the IPs list was truncated when more than 4,000 characters were included.

 

Dynamic Search Lists - Type Directly into Date Fields

When setting criteria for a dynamic search list you can now type directly into the date fields (Service Modified, User Modified and Published).

Screen Shot 2013-04-01 at 15.40.29 .png

 

Option Profiles - Enter up to 1500 Additional UDP Ports

The number of UDP ports you can enter into the Additional field in your scan options increased to 1500 ports.

 

Scorecard Reports - Default Format Changed to HTML

When running vulnerability scorecard reports, HTML is now the default report format. You can choose a different format when generating the report.

 

QualysGuard PC and SCAP Enhancements

New Policy Editor

This releases introduces a new policy editor with a new wizard for policy creation which will replace the current Policy Editor layout. Both workflows will initially be available, this new policy editor will be labeled as “Beta”.

 

The new policy editor is designed to be user-friendly with intuitive workflows and scalable for large policies, it includes a number of new functionalities:

  • Quick overview pane with the number of controls, the number of sections, the technologies associated, the applied groups, and more
  • Drag and drop of sections and controls
  • Quick search to directly access the control configuration page
  • Reference field to map a Qualys controls (CID) to authority documents or internal policies
  • New search control window only shows controls that are relevant to the policy
  • Quick navigation between controls using the arrow keys

New Policy UI main page.png

New Policy UI Section View.png

New Policy UI Control View.png

 

Run a Policy Report on a Single Host Instance

This release introduces the ability to generate a Policy Report for a single host or a single database instance. When a host is scanned, there may be multiple technologies detected and multiple instances of those technologies. By using this new reporting feature you can quickly generate a report on a single host or a single database instance that you select at run time.

Instance Report 1.png

Instance report 2.png    

 

Support for SCAP 1.2 Content

Using the PC/SCAP module, now you can perform SCAP scans to check compliance against SCAP 1.2 content as defined by SCAP 1.2 Specifications (http://scap.nist.gov/revision/1.2/) provided by NIST (http://www.nist.gov/index.html), in addition to SCAP 1.0 content.

SCAP Import.png

 

QualysGuard API Enhancements

Additional details about the API feature in QualysGuard 7.9 can be found here.

 

New API v2 to launch and delete VM scan

The “Vulnerability Scan” API v2 (/api/2.0/fo/scan/) is used to manage vulnerability scans. With this release we’ve added support for launching (new action=launch) and deleting vulnerability scans (new action=delete). The POST method is used to launch and delete scans. Also we’ve updated permissions for this API so now any user with permission to scan hosts in their account (not just Managers) also has permission to cancel pause and resume scans.

 

New Oracle Database Instance name in XML outputs

With this release users can view the Oracle DB instance a vulnerability was detected on. This information appears in scan reports when an Oracle authentication record was used for scanning. Multiple scan report DTDs have been updated to show vulnerability instance information:

  • Scan results DTD "scan-1.dtd" used by:
    • Ouput of API "/msp/scan.php”
    • Ouput of API "/msp/scan_report.php"
    • XML scan results downloaded using the User Interface
  • Scan report DTD "asset_data_report.dtd" used by:
    • Output of API "/msp/asset_data_report.php"
    • XML vulnerability reports downloaded using the User Interface
  • Vulnerability detection DTD "host_list_vm_detection_output.dtd" used by:
    • Output of API "/api/2.0/fo/asset/host/vm/detection/?action=list"
  • Host information DTD "get_host_info.dtd" used by:
    • Output of API "/msp/get_host_info.php"
  • Ticket list output DTD "ticket_list_output.dtd" used by:
    • Output of API "/msp/ticket_list.php"

 

“New Restricted IPs” API v2 – Manage Restricted IPs in the Subscription

The new “Restricted IPs” API v2 (/api/2.0/fo/setup/restricted_ips/) gives Managers (users assigned the Manager role) the ability to manage and update the list of restricted IPs within their subscription so this list stays in sync with their organization’s security policy.

 

“Ignore Vulnerability” API v1 – Reopen Ignored Vulnerabilities

Using the “Ignore Vulnerability” API v1 (/msp/ignore_vuln.php), users have the ability to set a “reopen after date” to reopen ignored vulnerabilities that are detected after a certain number of days (1-730) using the new input parameter “reopen_ignored_date”.

 

“Host Asset” API v2 – New Scan Date Filtering Parameters

The “Host Asset” API v2 (with the endpoint /api/2.0/fo/asset/host/) allows users to view hosts last scanned for vulnerabilities and/or compliance since a certain date. These new input parameters are now available: “vm_scan_since” and “compliance_scan_since”. These functions are already availalable for the “detection” API (/api/2.0/asset/host/vm/detection/).

 

“Report” API v2 – Support for DOCX Format

With this release users have the ability to create and download reports in Microsoft Word Open XML Document (DOCX) format using the “Report” v2 API (/api/2.0/fo/report/).

 

New “SCAP ARF Report” API v2

The new “SCAP ARF Report” API v2 (/api/2.0/fo/compliance/scap/arf/) allows users to create a SCAP scan report in Asset Reporting Format (ARF), a requirement in the SCAP 1.2 Specifications from NIST.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu

0

A new release of QualysGuard, Version 7.8 will be available in production on the QualysGuard EU datacenter on February 28, 2013. This release is completely transparent to users and will require no downtime. The release will occur between 20:00 UTC and 02:00 AM UTC.

 

QualysGuard 7.8 offers these benefits:

  • Discover and scan your Amazon EC2 and VPC assets in new ways, powered by Qualys integrations with Amazon APIs
  • Monitor, measure and compare the remediation performance of different teams in your organization
  • Better identify required patches for Linux
  • Manage private Certificate Authorities
  • Create your custom compliance controls for various Linux distributions

 

Amazon EC2 Asset Inventory and Scanning

New Amazon EC2 Data Connector: Users may now create Amazon EC2 asset Data Connectors, and QualysGuard will continuously import and synchronize their Amazon EC2 and VPC virtual machine Instance inventories into the QualysGuard asset database. Changes to existing instances (e.g., IP addresses) are automatically updated in the QualysGuard asset database. Users simply need to provide a read-only credential for each of their Amazon accounts, and QualysGuard automates the rest through communications with Amazon APIs.

 

Dynamic Asset Tags, which can drive your workflow and reporting throughout QualysGuard, may be automatically assigned to assets as part of the import process. Instance information and metadata (e.g., AMI ID, Instance launch time) about your Amazon EC2 and VPC Instances are also captured and available as data points to inform further Dynamic Asset Tagging within QualysGuard.

 

image00.jpg

 

Pre-authorized Amazon EC2 scanning: QualysGuard 7.8 introduces a new Amazon EC2 Scanning workflow in QualysGuard VM which works in concert with the Amazon EC2 data connector to provide an integrated scanning capability that will effectively target your Instances at their current IP address and prevent accidental targeting of Instances owned by other Amazon customers.  Due to this tight integration, Amazon EC2 Scanning using QualysGuard is pre-authorized by Amazon, allowing on-demand and scheduled scanning in Amazon EC2 and VPC without the need to obtain pre-approval from Amazon through their standard authorization process.

 

In this initial release, the pre-authorized Amazon EC2 Scanning is available for internal private IP scanning in Amazon EC2 and VPC, leveraging an instance of the QualysGuard Virtual Scanner Appliance (Pre-Authorized) which you deploy into your own Amazon account from our AMI (Amazon Machine Image) template posted in AWS Marketplace.

 

image01.jpg

 

QualysGuard Platform Enhancements

Hitachi ID Password Manager (PAM) Support: Users now have the option to leverage their existing Hitachi ID Password Manager for their QualysGuard authenticated scans – for both vulnerability scans and compliance scans of Windows and Unix hosts.

 

Import Trusted Certificate Authorities: The scanner uses public, well known root certificate authorities and intermediate certificate authorities to establish SSL connections and validate SSL certificates. This release introduces the ability for customers to create a list of private certificate authorities for use by the scanner within the customer’s subscription. The scanner will use the custom list of trusted certificate authorities in addition to the well known certificate authorities already used by QualysGuard whenever SSL verification is needed.

Screen Shot 2013-02-07 at 13.41.23 .png

 

Force password change after first login: Managers now have the option to force users to change their password when they log in for the first time. This is a subscription level option that affects all new user accounts.

 

Scheduled Scan Improvements: Scheduled scans will not be deactivated when asset tags don’t resolve to hosts at launch time. QualysGuard skips the scan and sets the next launch date to the future. You’ll notice the skipped scan appears in the activity log for your reference.

 

Change email address that sends notifications: Scheduled scan e-mail notifications will no longer be sent from the e-mail address "support [at] qualys.com” in an effort to keep these notifications from being mistaken for spam. These emails will now be sent from “qualys [at] qualys.com".

 

Enhancement to Data Lists: This release provides the ability to resize columns of the data lists throughout the UI, and view number of selected rows and clear selections in the action button.

 

Support of Static IPv6 for Scanner Appliance LAN interface: Use the QualysGuard UI to set up a static IPv6 address to the LAN interface of the scanner appliance when the WAN interface is used to connect to the QualysGuard Cloud Platform.

Note: This feature will be exposed in the UI after an automatic appliance upgrade that will be pushed in March 2013.

 

QualysGuard VM Enhancements

New Vulnerability Scorecards With Goals and Management Metrics: In this release, users can create new Scorecard templates to monitor the performance of the various teams in charge of the remediation of the vulnerabilities that must be fixed per the company security policy. Goals can also be created to quickly review the overall risk posture of different groups or Business Units. And additional vulnerability management metrics allow managers to do a better job at tracking the remediation efforts of the company.

bug_vm_report_tags.jpg

 

scorecard_report_mid.jpg

 

Non-Running Linux Kernel Filtering in Patch Report: This release introduces a new filter "kernel filtering" in the patch report templates. When "kernel filtering" is enabled, then only patches for vulnerabilities detected on the active/running Linux kernels are included in the report.

 

Legacy Compliance Information in QIDs Has Been Deprecated - use QualysGuard Policy Compliance instead: The ability to search for and report on vulnerabilities (QIDs) based on compliance information for CobIT, HIPAA, GLBA and SOX has been deprecated. This functionality will be completely removed from the application in a future release. Note that you can still search for QIDs associated with PCI Compliance.

 

QualysGuard PC Enhancements

Additional Unix Technologies Added to User Defined Controls: In this release additional Unix technologies have been added: CentOS 6.x, Oracle Enterprise Linux 6.x, Red Hat Enterprise Linux 6.x, and Ubuntu 10.x, 11.x, 12.x.

 

QualysGuard API Enhancements

Full details about the API feature in QualysGuard 7.8 can be found here.

 

VM Scan Results in XML: With QualysGuard 7.8, XML scan results show tags resolved to host assets when Asset Tagging is enabled for the subscription and a user runs a report using asset tags. This XML output can be downloaded manually using the User Interface, or directly using the API "scan_report.php" and the DTD "scan-1.dtd" was updated.

 

CIDR support to “asset_ip” API v1 and add an unlimited number of IP: The API v1 "/msp/asset_ip.php" now allows users to add IP ranges using the CIDR notation which may be used to virtually add an unlimited number of IP addresses (if subscription permits). For example, an entire class A network can be added by using "10.0.0.0/8".

 

CIDR supports to "asset_group" API v1: The API v1 "/msp/asset_group.php" now support CIDR notation to easily create and update asset groups using the API.

 

"detection" API Update To  Exclude Vulnerabilities Found on Non-Running Kernels: The “Detection” API v2 (/api/2.0/fo/asset/host/vm/detection/) gives API users the ability to obtain “automatic” vulnerability detection data that can be easily imported into a third party solution. For QualysGuard 7.8 users can specify the new “active_kernels_only=1” parameter to exclude vulnerabilities found on non-running Linux kernels from the XML output. This new parameter is available to users who have the New Data Security Model enabled for their subscription.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

Notifications for the QualysGuard releases in the US datacenter are posted here: https://community.qualys.com/community/notifications-us

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu/

0

A new release of QualysGuard, Version 7.7, will be available in production on the QualysGuard EU datacenter on January 3, 2013.

The deployment of this release is completely transparent to users (no downtime) and will occur between 20:00 UTC and 02:00 UTC next day.

 

QualysGuard 7.7 includes enhancements to Asset Tagging, QualysGuard Cloud Platform Enhancements, Policy Compliance and API.

 

Enhancements to Asset Tagging

 

Improved Tag Selector: The tag selector has a new look and feel and optimized functionality to search for specific tags you want to use for your reports, asset search and scans. You can choose between 2 views: the first view presents your favorite and most used tags and the second view give you access to the full tag hierarchy.

 

Screen Shot 2012-12-04 at 19.57.19 .png

 

Screen Shot 2012-12-04 at 19.57.24 .png

 

Advanced Tag Selections: Users have the ability to make more complex tag selections when choosing tags for scanning, reporting and asset search. You can now choose tags that identify hosts you want to include in the target and hosts you want to exclude from the target. You also decide whether you want to match any (logical OR) of your selected tags or all (logical AND) of your selected tags.

 

Scan All IP Addresses Defined in Tags: You now have the option to scan all IP addresses defined in dynamic tags defined by IP ranges. When launching or scheduling a scan, you’ll see an option “Use IP Network Range Tags”. This means you can scan all IP addresses defined in selected tags. Note that only tags with the IP address rule (called “IP Address In Network Range(s)”) can be selected with this option.

 

Asset Tag Information Displayed in Reports: Asset tags are now displayed in scan reports and asset search reports. Note that you must run a report using tags to see tags in the report output.

Screen Shot 2012-12-04 at 20.02.29 .png

Screen Shot 2012-12-04 at 20.02.37 .png

QualysGuard Cloud Platform Enhancements

 

Support for SAML 2.0 Single Sign On: The QualysGuard service now supports SAML SSO for user authentication. This gives you full control over the authentication of hosted user accounts that can access our cloud security services. Using SAML, Qualys acts as a Service Provider and your organization’s SSO solution acts as an Identity Provider that manages usernames, passwords and configurations used to authenticate users for our services.

 

Agentless Host Tracking: The new "Agentless Tracking" feature allows customers to track hosts by a unique host ID, instead of relying on the IP address (or DNS name or NetBIOS name) to identify the host.

In QualysGuard 7.7, when enabled, the service will tag target Windows and/or Unix hosts with a unique host ID during the scanning process and reports on the host ID for the current and future scans of the same host. This provides a scan option for customers who would like to scan systems with multiple IP addresses and parse the results in order to manually consolidate all vulnerability data for a unique host ID.

This is the first implementation of the Agentless Host Tracking feature. It requires manual processing of the scan results by the user. In the future, QualysGuard will be able to use this unique host ID for automatic host tracking.

 

Significant Updates to Virtual Scanner Appliance:  The QualysGuard Virtual Scanner Appliance feature set has now been effectively standardized across all platform distributions, and all distributions have the most advanced feature set available.  A single virtual scanner deployment workflow is now provided to the user, as the previous “Consultant” and “Enterprise” designations have been retired.  Users are also presented with a new scanner image distribution matrix, which aids the selection of the appropriate distribution for your platform.

 

Screen Shot 2012-12-04 at 19.45.29 .png

QualysGuard Policy Compliance (PC) Enhancements

 

New Compliance Policy Library page: In QualysGuard 7.7, the Compliance Policy Library has been updated to include search functionality and pagination to help users more easily find the policies they’re interested in. 

 

image-1.png

 

 

Support for Windows 8 and Windows 2012 Server Technologies:  In QualysGuard 7.7, the Compliance Policy Library now provides the ability to build User Defined Controls (UDCs) and  policies for both Windows 8 and Windows 2012.

 

Unix File Content Check – Increased Amount of Data Returned: When returning the Actual value for a control, the service will truncate the value in cases where the data returned from the control evaluation exceeds a set limit. This limit was increased for Unix File Content Check user defined controls from 4000 bytes of data to a maximum of 16000 bytes of data.

 

QualysGuard API Enhancements

Full details about the API feature in QualysGuard 7.7 can be found here.

 

Detailed Asset Tag Information added to XML Reports: With QualysGuard 7.7, XML reports show tags resolved to host assets when a user runs a report using asset tags.

 

Improvements of “PC Scan” API v2 for Asset Tag Selection: The API v2 "/api/2.0/fo/scan/compliance/" with "action=launch" allows users to launch compliance scans using asset tags. QualysGuard 7.7 will now allows users to launch scans using more complex tag selections (match any tags, include and exclude tags) and launch scans on IPs defined in tags.

 

Support for Agentless Tracking added to “Scan Authentication” API v2: Windows authentication API "/api/2.0/fo/auth/windows/" and Unix authentication API "/api/2.0/fo/auth/unix/" have been updated to support the new Agentless Tracking feature presented above.

 

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu

0

 

A new release of QualysGuard, Version 7.6, will be available in production on the QualysGuard EU datacenter on December 4, 2012. This release is completely transparent to users and will require no downtime. The release will occur between 20:00 UTC and 02:00 UTC next day.

 

QualysGuard 7.6 includes enhancements to Vulnerability Management, Policy Compliance and the API.

 

QualysGuard Vulnerability Management (VM) Enhancements

 

Support for authenticated scanning for IBM DB2 database: This release introduces the ability to authenticate to IBM DB2 database instances during vulnerability scans which enhances the fingerprinting of the version and the scanning capability. IBM DB2 authentication was formerly only supported for compliance scans.

 

QualysGuard Policy Compliance (PC) Enhancements

 

New Unit Manager extended permission: Managers now have the ability to grant individual Unit Managers permission to create, delete and edit compliance policies for hosts in their business unit. Now, business units can perform their compliance scans and reports independently, while the managers can generate reports across all business units.

Screen Shot 2012-11-10 at 4.24.27 PM.png

 

QualysGuard API Enhancements

 

Full details about the API feature in QualysGuard 7.6 can be found here.

 

Update to “/api/2.0/fo/auth/db2/” API to support authenticated VM scans of IBM DB2 database: A new request parameter for this API, called “pc_only” can be used to configure DB2 authentication records for PC scans only (pc_only=1) or for both PC and VM scans (pc_only=0).

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-eu/ .

 

 


0

A new release of QualysGuard, Version 7.5 will be available in production on the QualysGuard EU datacenter on October 23, 2012. This release is completely transparent to users and will require no downtime. The release will occur between 19:00 PM UTC and 01:00 AM UTC next day.

 

QualysGuard 7.5 includes several enhancements to the QualysGuard Cloud Platform, Vulnerability Management, Policy Compliance and API.

 

QualysGuard Cloud Platform Enhancements

 

Support for Continuous Scanning: This new type of scan allows users to configure a scheduled scan task to automatically launch a new scan once the previous instance finishes. This gives users the ability to easily perform continuous type of scanning (VM and PC) across their network.

 

Option to Prevent Overlapping Scheduled Scans: With this option the service will prevent a new instance of a schedule scan from starting when the previous instance is still running.

 

New Scanner Calendar: The new scanner calendar now provides users with an immediate insight into scans and maps activity for a single scanner appliance. The calendar provides a visual layout of scans for the selected scanner. This complements the scanning calendar released in 7.4. It helps users review and analyze past and scheduled scans and identify potential scans' schedule conflicts for a single appliance.

Screen Shot 2012-10-04 at 13.10.32 .png

 

New Scanner Appliance capacity chart: In this release, the scanner appliance information page will display a chart to report on the capacity of the appliance for the past 7 days.

Screen Shot 2012-10-04 at 13.05.39 .png

 

Improvements to the Appliances List: The Appliances list includes several improvements to help users understand the status of each appliance and to see its available capacity for scanning. In addition, the associated downloadable data list has been updated to reflect these changes.

Screen Shot 2012-10-04 at 13.12.24 .png

 

Improvements to the Scans List: The Scans list for VM and PC includes several improvements to provide additional scan information at a glance. New icons identify the scan status combined with the processing status, and the preview pane provides a summary of the results. The associated downloadable data list has been updated to reflect these changes.

Screen Shot 2012-10-04 at 13.12.05 .png

Passwords for Database Authentication Records can now be stored in Password Vaults: When creating database authentication records, such as Oracle, MSSQL and DB2, users now have the ability to store passwords in password vaults supported by QualysGuard, including Cyber-Ark, Thycotic, Quest TPAM and CA Access Manager. These records are used for both vulnerability and compliance trusted scans.

 

Managers and Unit Managers can now manage Report Distribution Groups created by other users: Distribution groups are used for sending out report notifications to list of e-mail addresses.  In QualysGuard 7.5, Managers and Unit Managers now have the privileges to manage the distribution groups created by their sub-users.

 

Restrict Unit Managers from Adding Virtual Scanner Appliances:  Managers now have the ability to remove the privilege to add virtual appliance from any Unit Manager within the subscription.

 

QualysGuard Vulnerability Management (VM) Enhancements

 

Updates to remediation workflow to provide better flexibility in vulnerability exception handling capabilities: In this release, we made multiple important changes to the remediation functions to help customers to better manage exceptions for vulnerabilities that cannot be fixed or need to be ignored for many reasons. This will improve the way QualysGuard can support exception management for risk acceptance processes and prioritization of their remediation efforts.

 

These enhancements will allow customers to:

  • Automatically ignore vulnerabilities for assets or asset groups by creating tickets in closed/ignored state.
  • Set an expiration date for closed/ignored tickets and QualysGuard will automatically reopen these tickets upon the expiration date.

 

By ignoring vulnerabilities to handle exceptions, associated remediation tickets will always be created for documentation and tracking.

 

New Remediation policy rule to automatically create tickets in the Closed/Ignored state: Users can now define a remediation policy rule that will result in tickets being created in the Closed/Ignored state to support the improvements described above. An optional expiration period can be configured to automatically reopen the ticket and the vulnerability in a set number of days.

 

Batch edit Closed/Ignored tickets to set expiration period: It is a good practice to review on a regular basis the ignored vulnerabilities. In this release, new options are available to bulk edit Closed/Ignored tickets to set a number of days before tickets and vulnerabilities are reopened, so they can be included back into the remediation process.

 

Support for OPatch “invPtrLoc” parameter for Oracle Database scans: The “invPtrLoc” parameter is now supported for OPatch detections within the Oracle authentication record settings. This allows users to identify a custom inventory for patches by entering the path to the oraInst.loc file within the Unix parameters section.

 

QualysGuard Policy Compliance (PC) Enhancements

 

Restrict Scan to Multiple Policies: Users have now the ability to restrict compliance scans to multiple policies (up to 10 instead of 1 in prior releases). When the option “Restrict by Policies” is selected, the service will only retrieve the data points required for the controls contained in the policies selected.

 

New User Defined Control (UDC) for Share Access Check: This release introduces a new Windows type of UDC called Share Access Check. This control returns a list of readable shares and directories accessible by certain users.

This new control can typically to used to:

  • Identify shared folders accessible by everyone including non-authenticated users
  • Verify that specific users or user groups do not have access to restricted folders
  • Audit a specific user in a case of an incident, and identify all shared folders accessible across a large number of servers

 

Scans performed with non-admin privileges will now be processed: On Windows host only, the QualysGuard Service will now process data points retrieved during a scan using non administrator type of account. This provides new users the ability to quickly perform test scans, or for advanced users the ability to create a new non-admin role used for all Qualys scans.

 

New host OS information in Policy Reports: In this release, the Compliance Policy Report will now present the OS information for each host in the Host Statistics section.

 

New section to display Authentication Issues in PC compliance reports: In this new release, compliance reports will include a new section called "Scan Authentication" that will help users troubleshoot scan authentication issues by presenting the list of hosts for which the authentication have failed during the scan and the reason why it failed.

Screen Shot 2012-10-04 at 14.06.25 .png

QualysGuard API Enhancements

 

Full details about the API feature in QualysGuard 7.5 can be found here

 

New API to launch Policy Compliance scans: “/api/2.0/fo/scan/compliance/” with “action=launch”

 

Update to “scan_list_output.dtd” DTD for XML output of the new “/api/2.0/fo/scan/compliance/?action=list” API request only

 

Update to Policy Compliance XML scan results with a new section to show scan authentication issues

 

Update to Policy Compliance XML reports generated with the UI or the API “/api/2.0/fo/report/?action=fetch”.  <HOST_STATISTICS> section now contains the Operating System information

 

Update to “/api/2.0/fo/auth/oracle/” API with a option to support “invPtrLoc” file path

 

Update to “/msp/ticket_edit.php” API with a new option to support reopen date

 

“/msp/scheduled_scans.php” XML output updated to show continuous tasks

 

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account

0

A new release of QualysGuard®, Version 6.24, will be available in production on Tuesday, February 7, 2012. This release is completely transparent to users and will require no scheduled downtime. The release will occur between  20:00 GMT(12 PM PST) and 02:00 AM GMT next day (6 PM PST).

 

QualysGuard 6.24 includes several enhancements including Virtual Scanners general availability and enhancements to Policy Compliance, API and platform capabilities:

 

QualysGuard Virtual Scanner Availability:

 

QualysGuard 6.24 includes the full release of the QualysGuard Virtual Scanner Appliance. The consultant version is easily deployed onto VMware (Workstation, Fusion, Player), Oracle VirtualBox, and other virtualization platforms, with a user console wizard allowing for a quick initial setup. Also available is an enterprise version provided as a packaged VMware vApp that can be effortlessly deployed into VMware vSphere and vCloud environments, requiring no direct console access to the virtual appliance itself.

 

QualysGuard Virtual Scanner Appliances are available to licensed customers for direct download from their QualysGuard account. For more on licensing, please contact your Qualys Technical Account Manager. For details on provisioning the virtual appliance, please refer to the appropriate user guide in the online help and follow the Qualys Community at https://community.qualys.com.

 

QualysGuard Enhancements:

  • Thycotic Server Integration: QualysGuard 6.24 includes integration with Thycotic Secret Server for authentication against Windows and UNIX assets, permitting customers to keep all authentication credentials used for scanning within their network perimeter.

secret server.jpg

 

  • OS CPE Support: QualysGuard 6.24 allows customers to display operating system information in Common Platform Enumeration (CPE) format, allowing for easier correlation and integration with products supporting that standard.

    cpe.jpg

 

 

 

QualysGuard Policy Compliance Enhancements:

 

  • Host Statistics in Policy Report: The Policy Report includes a new section called Host Statistics which includes a list of hosts in the policy with the percentage of control instances that passed on each host.

 

host statistics report.jpg

 

 

 

 

QualysGuard API Enhancements:

  • Final CVSS Score Added to Asset Data Report DTD: The final CVSS score calculated for each vulnerability detection now appears in the automatic asset data report DTD (asset_data_report.dtd) in the <CVSS_Final> element when the CVSS scoring feature is enabled for the user’s subscription.
  • New Share PCI Scan API: The new Share PCI Scan V2 API (/api/2.0/fo/scan/pci/) provides an automated way to share (export) finished PCI scans to PCI Merchant accounts and check the export status. PCI scans are vulnerability scans that were run with the option profile “Payment Card Industry (PCI) Options”.

 


 

Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.24, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

0

A new release of QualysGuard®, Version 6.23, will be available in production on Thursday, December 15th 2011. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 20:00 GMT (12 PM PST) and 02:00 AM GMT next day (6 PM PST).

 

QualysGuard 6.23 includes the following enhancements to VM, Policy Compliance, API and platform capabilities:

QualysGuard Enhancements:

  • Oracle SID or Service Name Authentication: QualysGuard 6.23 introduces the ability to identify Oracle instances by either SID or Service Name, allowing customers to easily perform authenticated scanning of Oracle instances.
    Screen Shot 2011-11-23 at 7.03.06 AM.png
  • Remove IPs from Subscriptions: QualysGuard 6.23 allows users with Manager roles to remove IPs from their subscription without requiring interaction with Qualys Support, reducing the time and effort required to eliminate unneeded or invalid IPs from QualysGuard.
    Screen Shot 2011-11-23 at 7.03.54 AM.png
  • Additional New Scanner Service Icon: QualysGuard 6.23 adds an additional icon for the status of connectivity to New Scanner Services at the Qualys SOC. The addition of a Not Used icon helps clarify when connectivity issues require immediate action, or can be safely disregarded.
    Screen Shot 2011-11-23 at 7.04.41 AM.png

QualysGuard Vulnerability Management Enhancements:

  • Improved Report Trending Data: With QualysGuard 6.23, trending reports have been changed to provide more accurate remediation metrics. Reports will now include data for vulnerabilities that have been fixed in the timeframe specified in your scan report template, even if the detection occurred prior to that window.

QualysGuard Policy Compliance Enhancements:

  • Create Policy using a Golden Image: With QualysGuard 6.23, you can now create a policy by selecting a host to act as a “Golden Image” for the new policy. During policy creation, the scan results of the "Golden Image" are used to set the expected values in your new policy.

Golden Image.png

  • Policy Editor Improvements: QualysGuard 6.23 introduces several improvements to the Policy Editor including enhanced navigation using an outline, collapsible sections within the policy, and easier management of controls. The new policy editor also allows you to switch back to the classic policy editor.

Policy Editor.png

  • Deprecated Controls: To continually improve and simplify the technical controls used in Policy Compliance, QualysGuard 6.23 allows controls to be deprecated and replaced with new controls. Each deprecated control has one or more replacement controls. A new workflow is provided for replacing deprecated controls within your existing policies.

Control Deprecation.png

QualysGuard API Enhancements:

  • Vendor and Product Added to KnowledgeBase V2 API: QualysGuard 6.23 enhances the KnowledgeBase API v2 (api/2.0/fo/knowledge_base/vuln/?action=list) to include the new elements <VENDOR> and <PRODUCT>.
  • Deprecated Control Flag: With QualysGuard 6.23, the <DEPRECATED> flag has been added to the following DTD: Control List Output, Policy List Output, Posture Info Output.
  • Support for Service Name in Oracle Records: In QualysGuard 6.23 the Oracle Authentication API (/api/2.0/fo/auth/oracle/) now supports the servicename input parameter, and XML output includes the <SERVICENAME> element.
  • IPv6 Asset Management: QualysGuard 6.23 provides the new IPv6 Asset API (/api/2.0/fo/asset/ip/v4_v6) for Manager users to manage and scan IPv6 hosts using the API. Additionally, the Detection API (/api/2.0/fo/asset/host/vm/detection/) has been enhanced with the <IPV6> element to indicate the IPv6 address of hosts scanned.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.23, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

0

A new release of QualysGuard®, Version 6.22, will be available in production on Tuesday, October 4th 2011. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PDT (19:00 GMT) and 6 PM PDT (01:00 AM GMT next day).

 

QualysGuard 6.22 includes the following enhancements:

QualysGuard Enhancements:

  • Exclude Hosts per Scan: QualysGuard 6.22 introduces the ability to exclude hosts on a per scan basis. Any user with scanning privileges can exclude hosts this way. This feature is supported for all IP-based scans, including vulnerability scans, compliance scans and FDCC scans.  When launching or scheduling a scan, enter the scan target in the Target Hosts section, and then enter the IP addresses/ranges you want to exclude from the scan in the Exclude IPs/Ranges field.

Exclude Hosts per Scan.png

QualysGuard Vulnerability Management Enhancements:

  • Improved VM Dashboard: With QualysGuard 6.22, an improved Vulnerability Management (VM) Dashboard is now available in the New UI. The VM Dashboard provides a one-page summary of your overall security posture.

VM Dashboard.PNG

  • Improved Oracle Patch (OPatch) Detections: OPatch is an Oracle-supplied utility that helps Oracle users apply and rollback patches for Oracle software. QualysGuard 6.22 provides the option to use the OPatch utility to obtain Oracle patch information during Oracle authenticated scans on Unix hosts.  To enable OPatch, create/edit an Oracle authentication record and provide the proper OPatch parameters:

OPatch.png

  • Patch Report Enhancements: With QualysGuard 6.22, the patch report template includes two new enhancements:
    1. The ability to specify how you want the patch severity calculated.
      Patch Severity.png
    2. The ability to selectively filter patches.
      Selective Patch Filtering.png
  • Published Date Added to KnowledgeBase: The KnowledgeBase includes a new column in QualysGuard 6.22 that shows the published date for each vulnerability. The published date is the date the vulnerability was added to the KnowledgeBase.

Published Date - Knowledgebase.pngThe search criteria has also been updated to include the published date for vulnerabilities:Published date - Search.png

QualysGuard Policy Compliance Enhancements:

  • PC Dashboard: QualysGuard 6.22 introduces a Policy Compliance (PC) Dashboard in the New UI. The PC Dashboard provides a one-page summary of your overall compliance status across all policies in your account.

PC Dashboard.png

  • Policy Summary Report: QualysGuard 6.22 also introduces a new Policy Summary report in the New UI.  The new Policy Summary provides a one-page summary of your compliance status for a specific policy. You can view the Policy Summary from the Reports section (Reports > Policy Summary) or link to it from the PC Dashboard (double-click any policy title under Top 5 Passing/Failing Policies).

Policy Dashboard.png

  • Policy Import/Export: QualysGuard 6.22 introduces the ability to import a compliance policy into your account from an XML file and export a compliance policy from your account to an XML file.  To import a policy directly into your account from an XML file, select New >Import Compliance Policy >Import from XML file from Policies:

Policy Import - Large.pngTo export a policy from your account, select the policy and click Export:Policy Export - Large.png

QualysGuard API Enhancements:

  • Exclude Hosts per Scan: With the introduction of the Exclude Hosts per Scan feature in QualysGuard 6.22, the scan.php V1 API and scheduled_scans.php V1 API have been updated to support a new, optional input parameter: "exclude_ip_per_scan".  This parameter takes a comma seperated list of IP addresses/ranges.  In addition, two new V2 APIs have been created to support this new feature:
    1. Excluded Hosts List (api/2.0/fo/asset/excluded_ip/?action=list) allows API users to request a list of excluded hosts.
    2. Excluded Hosts Change History (api/2.0/fo/asset/excluded_ip/history/?action=list) allows API users to request the change history for excluded hosts in the user’s subscription.
  • Asset Group Filtering for Policy Reports: With QualysGuard 6.22, the launch report V2 API (api/2.0/fo/report/?action=launch) has been updated to support a new, optional input parameter: "asset_group_ids".  This parameter takes a comma seperated list of Asset Group IDs.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.22, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

0

A new release of QualysGuard®, Version 6.21, will be available in production on Thursday, August 4th 2011. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12:00 PM PDT (19:00 GMT) and 6 PM PDT (01:00 AM GMT next day).

 

QualysGuard 6.21 includes the following enhancement:

QualysGuard Vulnerability Management Enhancements:

  • Exclude Zero Risk Hosts in Risk Calculations: With QualysGuard 6.21, there is now an option to exclude hosts with zero risk in your risk calculations.  This can be used to tune your risk calculations more effectively and look at only hosts that represent a security risk in your environment.   It can be accessed by selecting Setup > Security Risk.

qg-security-risk-old.png

Black Hat USA 2011 Announcements:

In addition, we are introducing in this release new and exciting features that will be previewed at Black Hat USA 2011 on August 3rd. We will update this post once these announcements are public. If you are attending Black Hat, please stop by our booth to see a demo or join us at our customers' appreciation reception - RSVP at: http://www.qualys.com/blackhat.


Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.21, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

0

A new release of QualysGuard®, Version 6.20, will be available in production on Thursday, July 21st 2011. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PDT (19:00 GMT) and 6 PM PDT (01:00 AM GMT next day).

 

QualysGuard 6.20 includes the following enhancements:

QualysGuard Enhancements:

  • New Processing Status on Scan History List: With QualysGuard 6.20, new icons that identify the status of scan processing have been added to the Scan History list and the FDCC Scan History list.  These new statuses have been added to help clarify the difference between scanning status and processing status, as these are two distinct activities within QualysGuard. When a scan is fully processed, then all reports will refelct the most update-to-date status of IPs based on the automatic data. This applies to the following scan types: VM, POL and FDCC.
Processed.pngIndicates that the scan results have been processed
Not Processed.pngIndicates that the scan results have not been processed

Processing Status 1.png

QualysGuard Vulnerability Management Enhancements:

  • “Exclude Hosts Only Discovered via DNS” Moved to Map Report Template: With QualysGuard 6.20, the map option "Exclude Hosts Only Discovered via DNS" was moved from the option profile to the map report template.  In the map report template, select the check box "Exclude hosts only discovered via DNS" to filter out of your report any devices that were solely discovered via a DNS discovery method.

Exclude DNS Hosts.png

Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.20, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

1 2 Previous Next

Bookmarked By (0)

Actions