Cloud Agent for Linux Intel Release 7.4.2
June 16, 2026
Enforce CPU Limit for CEP Processes
We have introduced kernel-based CPU limit enforcement for the Agent Command Execution Pipeline (qualys-cep process) using Linux Control Groups (cgroups). The enhancement enforces precise CPU throttling based on the CPU limit configured in the Cloud Agent user interface. It helps you precisely control CPU usage on your Linux assets.
Kernel-based CPU limit enforcement applies only to Command Execution Pipeline (CEP) processes. The main agent process (qualys-cloud-agent) and other child processes use conventional CPU throttling.
The Kernel-based CPU limit enforcement is not supported for init.d platforms, such as RHEL 6, OEL 6, CentOS 6, Ubuntu 14.04, and Debian 8.
To learn more about this feature, refer Cloud Agent for Linux Intel Release 7.4.1.
SwCA Enhancements for Linux Intel Cloud Agent
We introduced the following enhancements to the SwCA Scanner for Linux:
Configure SwCA Log-level with Cloud Agent
The SwCA Scanner now uses log levels configured in the Cloud Agent configuration file. The configurable log level provides you with the flexibility to select what log data you want to collect directly from the Cloud Agent user interface.
This enhancement provides a simpler way to configure the log level and collect the SwCA process logs. Also, you no longer need to configure the SwCA log levels separately.
Extended Language Support for SwCA Runtime Analysis
We extended the language support for SwCA Runtime Analysis on Linux platforms to the following languages:
| Language | Newly Supported Files for Runtime Analysis |
|---|---|
| Ruby | /*.gemspec |
| PHP | vendor/composer/installed.json modules/{}/.info.yml wp-content/plugins/.php administrator/components/com_/.xml administrator\manifests\packages\pkg_.xml |
| Node.js | package.json {}.yarn/cache/.zip/package.json ~/.yarn/berry/cache/ *.asar/package.json |
The extended language support for the SwCA Runtime Analysis enables deeper analysis of running executables on Linux assets, enhancing detection and remediation. Enabling Runtime analysis may increase the SwCA scan time, as the Cloud Agent scans all executable files on assets to extract component metadata.
| Required Application Version | SwCA Scanner for Linux 1.4 |
Behavior Change
There are no behavior changes in this release.
Platform Coverage Support
No new platform coverage added in this release.
Issues Addressed
The following important and notable customer issues are fixed in this release:
| Category/Component | Description |
|---|---|
| Cloud Agent Communication | We fixed an issue where Linux Cloud Agent 7.4 communication stopped on the SuSE Linux platform due to certificate validation failure. We updated the certificate validation workflow, and now Cloud Agent communicates correctly on the SuSE Linux platform. |
| Cloud Agent Communication | Fixed an issue where multiplexer startup failed with the default log level configuration. Now multiplexer startup works correctly. |
| SwCA Scan | We fixed an issue where Cloud Agent immediately launched a SwCA scan and did not follow the configured scan interval when a new SwCA scan manifest was published. The agent now follows the configured scan interval and launches the SwCA scan as per the configured time. This update is available for SwCA Scanner for Linux 1.4 and later. |