Skip navigation
1 2 3 ... 5 Previous Next

US Platform 1

65 Posts
0

A new release of QualysGuard AM API is scheduled to be released in production on the QualysGuard US Platform 1 on April 3rd, 2014 between 12 PM PDT (19:00 UTC) and 6:00 PM PDT (01:00 UTC next day).

 

The deployment is completely transparent to users and will require no downtime.

 

Release Details: QualysGuard AM API update includes the addition of the Asset Management and Tagging API v2. The addition of this API will allow customers to access new Tag API, Host Asset API, Asset API and Host Instance Vulnerability API functionality via one API. For more information on new features see QualysGuard API Notification 

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us1

0

A new release of QualysGuard WAS, Version 3.3 is scheduled to be released in production on the QualysGuard US Platform 1 on April 3rd, 2014 between 12 PM PDT (19:00 UTC) and 6:00 PM PDT (01:00 UTC next day).

 

The deployment is completely transparent to users and will require no downtime.

 

Release Details: QualysGuard WAS 3.3 includes enhancements to Web Application Management,  Reporting and APIs that save organizations time and enable them to operate more effective and efficient web applicaton security programs.  For more information on features see QualysGuard WAS 3.3 New Features.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us1

0

A new release of QualysGuard, Version 7.13 will be available in production on QualysGuard US Platform 1 on March 6, 2014. The deployment is scheduled to coincide with the currently scheduled maintenance window QualysGuard US Platform 1 Maintenance Notification: March 6, 2014. The release will occur between the hours of 12:00 PM Pacific (20:00 UTC) and 0:00 AM Pacific next day (8:00 AM UTC next day).

 

QualysGuard VM and PC version 7.13 includes the following features:

Vulnerability Scorecard Report updates, New Compliance Scorecard Report, MS SQL Authentication – Auto Discover Database Instances, and multiple API enhancements (Ability to download API v2 CSV reports without headers, New HTTP Authentication options, New "Policy Merge” feature,  Policy Report XML now includes custom control references, Apache Authentication Support for multiple instances per host)

 

See QualysGuard 7.13 New Features and QualysGuard® 7.13 API Notification - 15 Day for more details.

 

To continue to receive notifications by email, please subscribe at US Platform 1

0

Update: (March 7, 2014 3:41 am PDT) We have completed the maintenance and services are restored.

 


 

 

Qualys regularly upgrades the QualysGuard Cloud Platforms for capacity expansion and maintenance purposes.

 

We are now ready for a maintenance that will allow Qualys to apply database and network enhancements which will affect the QualysGuard US Platform 1 and several other Qualys services, as detailed below.

 

This upgrade will happen on March 6, 2014 and requires a 12-hour downtime starting at 12:00 PM Pacific (20:00 UTC) and ending at 0:00 AM Pacific next day (8:00 AM UTC next day).

 

Please note that none of the QualysGuard applications on US Platform 1 will be available during this maintenance window.  This includes:

 

  • QualysGuard Vulnerability Management
  • QualysGuard Policy Compliance
  • QualysGuard Wep Application Scanning
  • QualysGuard Malware Detection Service
  • QualysGuard Asset Management, including Dynamic Asset Tagging
  • scans running on QualysGuard External scanners (scans running on customer appliances will not be impacted)

 

The following Qualys services will also be impacted and unavailable during this maintenance window:

 

  • QualysGuard PCI Compliance
  • Qualys FreeScan
  • Qualys BrowserCheck
  • Qualys business web sites

 

Any scans scheduled to begin during the downtime will start immediately following the scheduled downtime. Customers are advised to make sure that the restart of scheduled scans after the downtime does not interfere with normal network operations.

 

If your account has been enabled with New Scanner Services, your running QualysGuard VM, PC, and WAS scans using deployed scanner appliances (but not the External scanners, as noted above) will not be impacted by this downtime and the results will be processed after the service is returned.

 

If your account has not been enabled with the New Scanner Services, then any scans running at the start of the scheduled downtime will be canceled.

 

We appreciate your patience and if you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +1 (866) 801 6161 (US and Canada) or +44 (0)1753 872102 (UK) or +33 1 41 97 35 81 (France).

 

We thank you for your continued support and look forward to your feedback.

qg2.qualys.com
0

A new release of QualysGuard WAS, Version 3.2 is scheduled to be released in production on the QualysGuard US Platform 1 on February 19, 2014 between 12 PM PST (20:00 UTC) and 6:00 PM PST (02:00 UTC next day).

 

Update: Due to the President's Day holiday on February 17th, the release will take place on February 19th, 2014.

 

The deployment is completely transparent to users and will require no downtime.

 

Release Details: QualysGuard WAS 3.2 includes enhancements to Web Applications, Scanning, Reporting, and APIs. See QualysGuard WAS 3.2 New Features.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us1

0

Qualys will decommission its legacy platform scan distribution service, "Dispatcher", on or after 2014-02-28 on US Platform 1.

 

 

Dispatcher is being discontinued in favor of New Scanner Services, which has been in operation since 2010.  The vast majority of user subscriptions have already been migrated to New Scanner Services, and Qualys will now begin a final push to migrate all remaining subscriptions.  The migration action requires no user action and is non-disruptive except in special circumstances.

 

Details are available at Qualys To Decommission Scan Job "Dispatcher", Migrate All Subscriptions To "New Scanner Services". If you have further questions, you may contact your Qualys reseller contact; your Qualys account manager; and/or Qualys support.

0

An update to the QualysGuard, Version 7.12 will be available in production on the QualysGuard US Platform 1 on December 10, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur between 12 PM PST (20:00 UTC) and 6:00 PM PST (02:00 UTC next day).

 

Release Details: QualysGuard 7.12 Update includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.12 Update.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us.

4

A new release of QualysGuard, Version 7.12 will be available in production on the QualysGuard US Platform 1 on November 14th , 2013. The deployment is completely transparent to users and will require no downtime. The release will occur between 12 PM PST (20:00 UTC) and 6:00 PM PST (02:00 UTC next day).

 

Release Details: QualysGuard 7.12 includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.12 New Features

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us

0

A new release of QualysGuard WAS, Version 3.1 has been released in production on the QualysGuard US Platform 1 as of  November 22, 2013.

 

The deployment is completely transparent to users and will require no downtime.

 

 

Release Details: QualysGuard WAS 3.1 includes enhancements to Web applications, Scanning, Reporting, and APIs. See QualysGuard WAS 3.1 New Features

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us1

0

Update: (October 4, 2013 6:00pm PDT) Maintenance is complete all services are online.

 

Update: (October 4, 2013 5:02pm PDT) Scheduled VM and PC scans are launching and PCI scanning is avaliable. We are still testing Portal services. ETA for all services running is 6:00pm PDT.

 

 

Update: (October 4, 2013 4:05pm PDT) We have completed the maintenance work and are in the process of testing and bringing services online. We have partial availability of Services: QualysGuard UI is available, VM and PC scan processing has started, scheduled scans are paused, Portal service are still under maintenance, and PCI scanning is paused. ETA for all services running is 5:00pm PDT.

 


 

Original: On September 5, Qualys operations performed a necessary upgrade to the QualysGuard US Platform to update its Oracle database server kernel to the latest version. This upgrade has led to service degradation that impacted performance levels for some customers using the US Platform. Despite our continued efforts working with Oracle to fix the issues introduced by the new database kernel, Qualys Operations has determined that the best approach to restore performance levels to normal is to roll back this upgrade to the previous version while continuing to work with Oracle to resolve the issues introduced by the latest database server kernel.

 

This rollback requires an emergency upgrade with a 4-hour downtime scheduled on October 4, 2013 at 12:00 PDT (19:00 GMT). Please note that all QualysGuard US Platform services will not be available during this emergency downtime including:

 

 

Impact of this Downtime on Running Scans

  1. In QualysGuard accounts that are enabled with the New Scanner Service, scans will not be interrupted by this downtime and the results will be processed after the service is returned.
  2. In QualysGuard accounts that are not enabled with the New Scanner Service, scans running at the start of the downtime will be canceled.
  3. Scans scheduled to begin during the downtime will start immediately following the scheduled downtime. Customers are advised to make sure that the re-start of scheduled scans after the downtime does not interfere with normal network operations.

 

To get automated QualysGuard upgrade and system notifications from the Qualys Community, please subscribe at: https://community.qualys.com/community/notifications-us.

 

If you have any questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +1 (866) 801 6161.

 

We thank you for your continued support and look forward to continuously improving our services.

 

Qualys Customer Advocacy Group

0

An update to QualysGuard, Version 7.11 will be available in production on the QualysGuard US Platform 1 on September 11, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur between 12 PM PDT (19:00 UTC) and 6:00 PM PDT (01:00 UTC next day).

 

Release Details: QualysGuard 7.11 update includes enhancements to QualysGuard Vulnerability Management (VM). See QualysGuard 7.11 update: New Vulnerability Notification Feature

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us

3

Qualys regularly upgrades the QualysGuard Cloud Platforms for capacity expansion and maintenance purposes.

 

We are now ready for a new maintenance that will allow Qualys to expand the external scanning capacity of the US Platform 1, and apply various database and network enhancements.

 

This upgrade will happen on September 5, 2013 and requires a 12-hour downtime starting at 12:00 PM Pacific (19:00 UTC) and ending at 12:00 AM Pacific next day (7:00 AM UTC next day).

 

Please note the following QualysGuard services on the US Platform 1 will not be available during this maintenance window including:

  • QualyGuard VM
  • QualysGuard PC
  • QualysGuard WAS
  • QualysGuard scans using the External Scanners (see details below)
  • Asset Tagging
  • PCI scanning
  • Malware Detection Service MDS

 

Scans running on the External Scanners will be canceled at the beginning of the maintenance window.

 

Any scans scheduled to begin during the downtime will start immediately following the scheduled downtime. Customers are advised to make sure that the restart of scheduled scans after the downtime does not interfere with normal network operations.

 

If your account has been enabled with the New Scanner Service, your running scans using scanner appliances will not be impacted by this downtime and the results will be processed after the service is returned.

 

If you account has not been enabled with the “New Scanner Service”, then any scans running at the start of the scheduled downtime will be canceled.

 

We appreciate your patience and if you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at support@qualys.com or +1 (866) 801 6161 (US and Canada) or +44 (0)1753 872102 (UK) or +33 1 41 97 35 81 (France).

 

We thank you for your continued support and look forward to your feedback.

0

A new release of QualysGuard, Version 7.11 will be available in production on the QualysGuard US Platform 1 on August 20, 2013. The deployment is completely transparent to users and will require no downtime. The release will occur between 12 PM PDT (19:00 UTC) and 6:00 PM PDT (01:00 UTC next day).

 

Release Details: QualysGuard 7.11 includes enhancements to QualysGuard Vulnerability Management (VM) and Policy Compliance (PC) reports, and API. See QualysGuard 7.11 New Features

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us

0

A new release of QualysGuard, Version 7.10 will be available in production on the QualysGuard US Platform 1 on June 26, 2013. This release is completely transparent to users and will require no downtime. The release will occur between 12 PM PDT (19:00 UTC) and 8:00 PM PDT (03:00 UTC next day).

 

Release Details: QualysGuard 7.10 includes enhancements to QualysGuard Cloud Platform, Vulnerability Management (VM), Policy Compliance (PC) and API. See QualysGuard 7.10 features.

 

New QualysGuard Express Lite: The new service offering QualysGuard Express Lite for SMBs is launched with this release. See QualysGuard Express Lite features.

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us/

0
Posted by WillB on Apr 29, 2013 in US Platform 1

QualysGuard WAS 3.0: May 14, 2013

A release of QualysGuard® Web Application Scanning version 3.0 is targeted for May 14, 2013 in production on the US Platform 1 featuring malware detection and integration with Burp Suite. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PDT (19:00 GMT) and 8 PM PDT (03:00 AM GMT next day).

 

QualysGuard WAS 3.0 includes enhancements that give subscribers the ability to schedule daily malware scans for Internet-facing websites. The Malware Detection Service (MDS) ensures that subscribers can prevent their website users from becoming infected and protect the reputation of their brand reputation. WAS 3.0 also includes an integration with Burp Suite, enabling subscribers to upload and store Burp Suite XML reports, associate them with a web application and share these findings with other Qualys users. Future releases of WAS are planned to correlate Burp results with Qualys WAS results and provide centralized reporting. Organizations will benefit by storing all the web application security testing data including automated testing and manual testing together to enable enhanced management and reporting.

 

Malware Monitoring for Web Applications

We're pleased to announce that we've integrated malware detection capability into WAS to make it easy for you to perform scans that detect not only web application vulnerabilities, but also malware that may infect the same web properties. Now there's an easy way to combine web application scanning and malware detection to ensure that your Internet-facing web sites are free from web application vulnerabilities and malware. Web site malware is typically found only on Internet-facing web applications. To learn more about these scan types, refer to the WAS 3.0 feature announcement on Qualys Community.

 

 

  • Add Malware Monitoring to Websites: Enabling malware monitoring for an Internet-facing application is now just another simple step in the web application creation wizard. You just indicate the time you want the scan to start, the timezone and if you want to receive email notifications if malware is identified. Everything else is done by WAS—a daily malware scan is scheduled and if you chose to be notified you can just sit back and relax knowing you will get an email if the daily monitoring identifies malware.



select_malware_monitoring.bmp

 

  • See the Malware Severity for the Website: We’ve added a new MDS Severity column to the web applications list. For web applications that have been scanned for malware, this column shows the severity of any detected malware. If the scan found no malware, you’ll see the “Safe” icon.

mds_severity.bmp

 

 

  • Malware Status on the WAS Dashboard: Users can see the status of malware scanning on the WAS Dashboard. If the user clicks on the Malware badge they will go to the Malware Detection Service dashboard so they can review the status of all MDS scanning.

was_dash.bmp

 

Burp Suite Integration

This is the first in a series of integrations with attack proxy tools used primarily to conduct more advanced manual application penetration and validation testing. We recognize that there is a place for both automated scanning and attack proxies and we are combining the best of both approaches. Our Burp Suite integration gives you a way to store the findings discovered by the Burp Suite scanner with those discovered by WAS and share this information with multiple users. To learn more about this and future integrations refer to th3 WAS 3.0 announcement on Qualys Community.

 

  • Import Burp Findings: You can import a Burp report from your local file system. The report must be an XML file no larger than 20MB containing detections on only one web application.

burp_import.bmp

 

 

  • View Burp Findings: You can review the Burp Suite vulnerabilities detected. Users can review a list and then drill into the details.

burp_issues_list.bmp

 

 

burp_issue_details.bmp

 

Vulnerability Detection Browser

Check out our new Vulnerability Detection Browser by going to Web Applications > Detections. This gives you an easy way to review the vulnerabilities detected on web applications in your account without running reports. Use the search and filtering options (on the left) to take actions on one or more detections. The VDB will also allow you to perform actions on muliple vulnerabilities, view the details of vulnerabilities and ignore vulnerabilities that are risk accepted.

detections_list.bmp

 

Usability Enhancements

A number of enhancements have been added to make working with web application scanning easier and safer.

 

  • Create a Report Before Deleting Web Application: When deleting one or more web applications, you now have the option to generate a Web Application Security Status Report for the web applications you’re deleting. The report is automatically saved to your reports list and does not expire. Note that you must have the Create Report permission to use this feature. This feature ensures you never lose the last state of security for an application when it is no longer a part of the scanning program.

delete_app_conf_1.bmp

 

  • Always Keep the History: The report for deleted web apps never expires.

report_list.bmp

 

  • Create a Report Before Purging a Web Application: When purging one or more web applications you now have the option to generate a Web Application Security Status Report for the web applications you’re purging. The report is automatically saved to your reports list and does not expire. Note that you must have the Create Report permission to use this feature.

purge_app_1.bmp

 

  • Web Application URLs in Lists: We’ve improved the display of the web application, scan and schedule lists. Each of these lists now displays the URL for each web application shown.

 

web_app_list.bmp

scans_list.bmp

 

  • Improved Scanner Appliance Information: With this release we’ve made it easier to find out which scanner appliances are assigned to web applications and used in scans and schedules.

 

scanner_list.bmp

scans_list_2.bmp

 

 

 

 

For more information on QualysGuard WAS 3.0, please visit the Qualys WAS community or contact your Technical Account Manager.

 

To continue to receive notifications by email, please subscribe at https://community.qualys.com/community/notifications-us/.

1 2 3 ... 5 Previous Next

Bookmarked By (0)

Actions