Qualys Cloud Agent for Windows 6.0
October 21, 2024
New Features
With this release of Qualys Cloud Agent for Windows, we bring you the following new features and enhancements.
Activation of New Qualys Application - Mitigation
With this release, Qualys Cloud Agent for Windows supports the new Qualys application - Mitigation. With the Mitigation application, you can now mitigate vulnerabilities on Windows assets using actions, scripts, and creating mitigation jobs. Once the mitigation job is successfully executed, it reduces the Qualys Detection Score (QDS) for vulnerabilities.
Despite Patch Management being the core capability in vulnerability management, the Mitigation application plays a key role, as patching might not always be feasible considering the required downtime, or the patch might not be available in the case of zero-day vulnerabilities.
The mitigation job only minimizes the risk associated with a vulnerability and does not patch it. The vulnerability displays the Mitigated status after the next VM scan.
The security and IT teams can use Mitigation capability to enhance cybersecurity resilience by addressing critical vulnerabilities without deploying a patch. This enables organizations to significantly lower their vulnerability exposure and streamline their response to cyber threats.
You can launch the mitigation jobs only for the assets associated with the selected QIDs.
For more information, refer to Qualys Mitigation Online Help.
|
Required Application Version |
Patch Management 3.0.0 Qualys Cloud Platform 3.19.0.1 Vulnerability Management Detection and Response 0.10.0 |
Cloud Agent Remote Detection
With this feature, we provide you with an option to identify the open ports on your assets and monitor the services running on them.
If this feature is enabled, Cloud Agent reports the vulnerabilities present on these ports and displays them in the Vulnerability Management (VM) user interface. This improves asset security surveillance and prompts quick actions to mitigate any potential risks.
To learn more about enabling Remote Detection, refer to Cloud Agent Online Help.
Cloud Agent Enhancements
Enhanced Database Authentication and Assessment
Vault Connection for Database Assessment Profile
With this enhancement, a new option is provided on the Cloud Agent user interface to create the vault connection for your database assessment profile. The vault connection includes details such as vault connection name, secret manager type, and vault credentials. Once configured, you can use this connection in assessment profiles to fetch the MSSQL database credentials from CyberArk Vault using Central Credential Provider or Credential Provider.
New Secret Managers for CyberArk Vault
This feature also introduces the new secret manager types, the central credential provider (CCP) and credential provider (CP).
You can use the CP and CCP under the following conditions:
- Use the CCP as a secret when the database credentials are managed through a common system for all the agent hosts in your subscription
- Use the CP as a secret manager when database credentials are managed by the Cloud Agent host itself.
Proxy Configuration Support for MSI-based Installation
With this release, we are extending the proxy configuration support to MSI-based Cloud Agent installation. The Cloud Agent allows you to configure either a single proxy or multiple proxies in the proxy URL.
If you configure multiple proxies (maximum up to five), these act as failover options for proxy connection to Qualys Cloud Platform. If the proxy connection using all the proxies fails, Cloud Agent establishes the direct connection.
Use the following commands to configure the default proxy while installing MSI-based Cloud Agent packages.
- Installation command to configure the single proxy:
Msiexec.exe /i CloudAgent_x64.msi CustomerId={xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} ActivationId={xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} WebServiceUri=<platform_url>/CloudAgent/ Proxy="/u <proxy_url> /n <proxy username> /p <proxy password>" - Installation command to configure multiple proxies:
Msiexec.exe /i CloudAgent_x64.msi CustomerId={xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} ActivationId={xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} WebServiceUri=<platform_url>/CloudAgent/ Proxy="/u <1st proxy url>;<2nd proxy url> /n <proxy username> /p <proxy password>"
Behavior Changes
There are no behavior changes in this release.
Platform Coverage Support
With this release, the Cloud Agent for Windows supports the following new platforms (Operating Systems).
- Windows 11 24H2
- Windows Server 2025
Issues Addressed
The following notable and important issues are fixed in this release.
| Issue | Description |
|---|---|
| CRM-120767 | We fixed an issue where the Instance Metadata Service (IMDSv2) calls were failing for cloned Cloud Agents during agent the provisioning call as they were sending Gold Image or Master Node Instance ID. |
| CRM-126193 | We fixed an issue where the Cloud Agent was sending virtual MAC Addresses during provisioning by configuring it to collect only valid MAC addresses. |
| CRM-127256 | We fixed an issue where duplicate Cloud Agent records were generated for a unique host due to repeated reprovisioning of Cloud Agent caused by an empty Instance ID response from the API. |
| CRM-87668 | We fixed an issue where the security identifier (SID) - Name translations done by the Cloud Agent were causing SID traffic on the Domain Controllers. |
Known Issues, Limitations, and Workarounds
There are no known issues or limitations noticed for this release.