Qualys : Cloud Platform (VM, PC) 8.16 New Features
January 22, 2019 at 04:49 pm EST
Share
This new release of the Qualys Cloud Platform (VM, PC), version 8.16, contains several new improvements in Qualys Vulnerability Management and Qualys Policy Compliance, which includes new password security option, increased limit for virtual hosts that can be added to a subscription, added support for Scanning ESXi Hosts on vCenter, and more.
Read on for release highlights.
Qualys Cloud Platform
New Password Security Options We've added several new password security options to enforce a strong password policy. Go to Users > Setup > Security to set password requirements for all users in the subscription.
By default, you cannot reuse any of your last 13 passwords, but this option will become configurable in a future release.
We are also enforcing a special characters requirement, by default, but this option too will become configurable in a future release.
Enforced retention of scan/map results - This release enforces retention policy for scan/map results. Users can no longer clear (un-check) the Automatically delete scan/map results options.
Asset search: New filter for last SCAP scan date - Users can now search for assets based on the last scanned date for SCAP compliance.
Scanner Appliances List - Renamed ID column to personalization code - On the Appliances list, the ID column has been renamed to Personalization Code to make it easier to identify the personalization code after adding a virtual scanner.
New search filters to search for scanners - Two new filters - Scanner Type and Platform Provider - have been added in the Appliances tab to improve scanner search capability.
Qualys Vulnerability Management (VM)
Virtual Host Limit Increased - The number of virtual hosts you can add to your subscription increased from 1024 to 5000.
Quick Start Guide UI updates - Users will now receive updates to the Quick Start Guide page, such as new links to video transcripts, VM community and self-paced trainings.
Qualys Policy Compliance (PC/SCAP/SCA)
Support for Scanning ESXi Hosts on vCenter - UI changes have been added to enhance the feature for better usability.
Apache Tomcat 9.x Support - This release adds support for Tomcat Server authentication to include Apache Tomcat 9.x for Windows and Unix.
IBM HTTP Server 9.x Support - This release adds support for Apache Web Server authentication to include IBM HTTP Server 9.x.
OS Authentication Based Instance Technology Discovery - Users can now collect technology data using the underlying OS technology instance without creating authentication records.
New Technologies Supported for Windows UDCs - UDC support for Windows has been extended to include Windows Embedded 7, 8 and 8.1.
Auto Update Expected Values from Agent Scans - Users can now choose to update a control's expected values with the actual values collected from each cloud agent scan.
New Instance column in STIG Report CSV - Users can now include the host instance in the STIG report by selecting 'Instance' in the STIG report template.
References
For more details about the above features, please review the release notes.
See Also:
Attachments
Original document
Permalink
Disclaimer
Qualys Inc. published this content on 22 January 2019 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 22 January 2019 21:48:05 UTC
Qualys, Inc. is a provider of a cloud-based platform delivering information technology (IT), security and compliance solutions. The Companyâs integrated suite of IT, security and compliance solutions delivered on Qualys' Enterprise TruRisk Platform enables its customers to identify and manage their IT and operational technology (OT) assets, collect, and analyze large amounts of IT security data, recommend, and implement remediation actions and verify the implementation of such actions. It provides its solutions through a software-as-a-service model, primarily with renewable annual subscriptions. Its cloud platform offers an integrated suite of solutions that automates the lifecycle of asset discovery and management, security and compliance assessments, and remediation for an organizationâs IT infrastructure and assets, whether such infrastructure and assets reside inside the organization, on their network perimeter, on endpoints or in the cloud.