Skip navigation

US Platform 1

4 Posts authored by: Corey Bodzin

A new release of QualysGuard, Version 8.1, will be available in production on QualysGuard US Platform 1 on July 17th, 2014. The deployment is completely transparent to users and will require no downtime. The release will occur between 10:00 AM PDT (17:00 UTC) and 4:00 PM PDT (23:00 UTC).


QualysGuard VM version 8.1 includes improved Maps, Certificate Fingerprints, Option Profile enhancements, Host Remediation information, new Templates for Heartbleed and Continuous Monitoring, and new Report Template options.


QualysGuard PC includes new Directory Search UDCs, Exception Expiring Notifications, and Policy Library improvements.


API enhancements include support for Customer HTTP Headers, SCAP Scans, and Compliance Posture CSV output.


See QualysGuard 8.1 New Features and QualysGuard API Release Version 8.1 - 15 day notification for more details.


To continue to receive notifications by email, please subscribe at US Platform 1.

In response to recent service interruption that occurred on Wed March 7th, Qualys operations is undertaking an immediate update to the Oracle database for the QualysGuard US infrastructure. This update will fix Oracle bug #7307972*.

This emergency upgrade requires an 4-hour downtime starting on March 21, 2012 at 16:00 PDT (23:00 GMT). The following services will be unavailable at this time:


For subscriptions not using QualysGuard New Scanner Services, any scans running at the start of the scheduled downtime will be canceled and any scans scheduled to begin during the downtime will start immediately following the scheduled downtime. Customers are advised to make sure that the re-start of scheduled scans after the downtime does not interfere with normal network operations.


Scanning for subscriptions using New Scanner Services will not be affected. 


To find out if your Scanner Appliances are using New Scanner Services, please check their status within the Scans->Appliances tab in your QualysGuard subsription.

To get automated QualysGuard upgrade and system notifications from the Qualys Community, please subscribe at:


If you have any further questions regarding this upgrade, please feel free to contact Qualys Technical Support at or +1 (866) 801 6161.


We thank you for your continued support and look forward to continuously improving our services.


*Oracle #7307972 "Excessive waits on library cache : mutex x" is an issue that is causing QualysGuard to experience excessive wait times to acquire a lock (mutex) on a cursor object in the database, resulting in QualysGuard service degradation.

A new release of QualysGuard®, Version 6.23, will be available in production on Tuesday, December 13th 2011. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PST (20:00 GMT) and 6 PM PST (02:00 AM GMT next day).


QualysGuard 6.23 includes the following enhancements to VM, Policy Compliance, API and platform capabilities:

QualysGuard Enhancements:

  • Oracle SID or Service Name Authentication: QualysGuard 6.23 introduces the ability to identify Oracle instances by either SID or Service Name, allowing customers to easily perform authenticated scanning of Oracle instances.
    Screen Shot 2011-11-23 at 7.03.06 AM.png
  • Remove IPs from Subscriptions:  QualysGuard 6.23 allows users with Manager roles to remove IPs from their subscription without requiring interaction with Qualys Support, reducing the time and effort required to eliminate unneeded or invalid IPs from QualysGuard.
    Screen Shot 2011-11-23 at 7.03.54 AM.png
  • Additional New Scanner Service Icon:  QualysGuard 6.23 adds an additional icon for the status of connectivity to New Scanner Services at the Qualys SOC.  The addition of a Not Used icon helps clarify when connectivity issues require immediate action, or can be safely disregarded.
    Screen Shot 2011-11-23 at 7.04.41 AM.png

QualysGuard Vulnerability Management Enhancements:

  • Improved Report Trending Data: With QualysGuard 6.23, trending reports have been changed to provide more accurate remediation metrics. Reports will now include data for vulnerabilities that have been fixed in the timeframe specified in your scan report template, even if the detection occurred prior to that window.


QualysGuard Policy Compliance Enhancements:

  • Create Policy using a Golden Image: With QualysGuard 6.23, you can now create a policy by selecting a host to act as a “Golden Image” for the new policy.  During policy creation, the scan results of the "Golden Image" are used to set the expected values in your new policy.

Golden Image.png

  • Policy Editor Improvements: QualysGuard 6.23 introduces several improvements to the Policy Editor including enhanced navigation using an outline, collapsible sections within the policy, and easier management of controls.  The new policy editor also allows you to switch back to the classic policy editor.

Policy Editor.png

  • Deprecated Controls:  To continually improve and simplify the technical controls used in Policy Compliance, QualysGuard 6.23 allows controls to be deprecated and replaced with new controls. Each deprecated control has one or more replacement controls. A new workflow is provided for replacing deprecated controls within your existing policies.

Control Deprecation.png

QualysGuard API Enhancements:

  • Vendor and Product Added to KnowledgeBase V2 API:  QualysGuard 6.23 enhances the KnowledgeBase API v2 (api/2.0/fo/knowledge_base/vuln/?action=list) to include the new elements <VENDOR> and <PRODUCT>.
  • Deprecated Control Flag: With QualysGuard 6.23, the <DEPRECATED> flag has been added to the following DTD:  Control List Output, Policy List Output, Posture Info Output.
  • Support for Service Name in Oracle Records:  In QualysGuard 6.23 the Oracle Authentication API (/api/2.0/fo/auth/oracle/) now supports the servicename input parameter, and XML output includes the <SERVICENAME> element.
  • IPv6 Asset Management:  QualysGuard 6.23 provides the new IPv6 Asset API (/api/2.0/fo/asset/ip/v4_v6) for Manager users to manage and scan IPv6 hosts using the API.  Additionally, the Detection API (/api/2.0/fo/asset/host/vm/detection/) has been enhanced with the <IPV6> element to indicate the IPv6 address of hosts scanned.


Full release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.23, please visit the Qualys Community at or contact your Technical Account Manager or Qualys' Technical Support Department at

Dear customers:


A new release of QualysGuard®, Version 6.17, will be available in production on Monday, February 7th 2011. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PST (20:00 GMT) and 6 PM PST (02:00 AM GMT next day).


QualysGuard 6.17 includes the following enhancements:


QualysGuard Vulnerability Management Enhancements:

  • Trend Micro Virtual Patch: QualysGuard 6.17 correlates Trend Micro Virtual Patching with QualysGuard-detected vulnerabilities, allowing users to identify and prioritize additional remediation options to reduce risk.  Virtual Patching information is available for Trend Micro Deep Security and Trend Micro OfficeScan products.
  • PCI Linked Account Status: QualysGuard 6.17 provides users of QualysGuard integrated access with QualysGuard PCI 5.0 to view and report on the current compliance status and upcoming due dates for all linked accounts, providing a centralized view of PCI compliance efforts.


QualysGuard Policy Compliance Enhancements:

  • Filtering Frameworks: QualysGuard 6.17 provides the ability to filter or limit the number of frameworks available within the Policy Compliance module.  This enhancement allows customers to filter the frameworks either at the subscription level, affecting all users, or at the report template level, affecting specific reports only.  In addition, the subscription level filter will also filter the frameworks from the control API, allowing customers to extract only the relevant frameworks for their business needs.
  • Cisco IOS: QualysGuard 6.17 introduces configuration scanning support of Cisco IOS 12.x and 15.x within the Policy Compliance module.  This enhancement allows customers to authenticate to Cisco IOS devices via SSH and analyze the running configuration.  A new authentication record for Cisco IOS has been added within QualysGuard to support this enhancement.
  • FDCC Enhancements: Support for Windows 7 and Internet Explorer 8. QualysGuard 6.17 adds Security Content Automation Protocol (SCAP) scanning support for Windows 7, Windows 7 Firewall, and Internet Explorer 8.  This enhancement supports the United States Government Configuration Baseline (USGCB) content published by the National Institute of Standards and Technology (NIST) for these technologies.


QualysGuard API:

  • Detection API: This release includes a new “detection” extension to the version 2 API that is available via following URL:   This gives API users the ability to obtain the most current  vulnerability data (“automatic” data) associated to host assets in a XML  format that can be easily imported into third party solutions.  The  detection API is a recommended replacement for other existing API calls  such as “asset_range_info.php”, “asset_data_report.php”,  “asset_search.php” and “get_host_info.php”.


Full release notes will be available to customers from within the Resources section of your QualysGuard account. Feel free to contact your Technical Account Manager or Qualys' Technical Support Department ( for more information about this release.