This release of the Qualys Cloud Platform version 2.39 includes updates and new features for Out-of-Band Configuration Assessment (OCA), Vulnerability Management, and Web Application Scanning, highlights as follows.
Out-of-Band Configuration Assessment (OCA)
Updated Description - The description for OCA is changed to 'Extend security and compliance to inaccessible asset' to better reflect the enhanced use cases offer by this application.
Trending uses Include/Exclude Filters in Dashboard - Widget trending now supports the recently introduced Include/Exclude filters, for example, excluding Fixed vulnerabilities in trending widgets.
Web Application Scanning
Enhanced Crawling - A new setting is available in a WAS option profile that can potentially improve scan coverage. With enhanced crawling enabled, the scanner will load and render individual directories associated with the web application. This can lead to discovery of additional content to be scanned.
Full HTTP Requests - WAS now provides the full HTTP request made by the scanner for vulnerabilities such as XSS and SQL injection. This improvement was done to help with reproduction and remediation of scan findings.
Default Report Template - When creating a report, the default report template for the report type is now used. For example, when selecting 'View Report' from the quick actions menu for a scan, the default template for a scan report will be used. When selecting 'View Report' for a web application, the default template for a web application report will be used.
API updates are also included with this release:
Qualys Cloud Platform 2.39 API Notification 1
The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.
For more details about the above features - please review the release notes. Release notes will be posted as soon as they are available on the Qualys Suite Release Notes page.
Qualys Inc. published this content on 24 June 2019 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 25 June 2019 01:02:06 UTC