Custom Assessment and Remediation Release 2.5 - New Features and Updates

April 07, 2025

Enhanced Detection Logic for Custom QID Based on Script Output

We have introduced a new detection logic for identifying custom QIDs using script output instead of exit codes. In many cases, script results may not return meaningful exit codes or may produce detailed logs. This enhancement ensures accurate QID detection even in such scenarios, making it possible to detect custom QIDs when exit codes are unavailable.
The output-based detection uses regex and pattern matching for advanced evaluation, enabling more precise, complex, and rule-based detections. 

To configure this new detection logic, specify the following while creating a Custom QID script:

  • Cardinality: It defines the rules for comparing and matching the actual script output with the expected values. 
    Available Cardinality options include:
    • Contains
    • Does Not Contain
    • Intersect
    • Matches
    • Is Contained In
    • Custom Regex

    For more information on these options, refer to the CAR Online Help.

  • Value: It is the value against which the script output is evaluated.
  • Evaluation Criteria: It refers to the result of the detection logic, indicating whether the cardinality is met based on the script execution output, determining if QID is detected or not detected.

Once you execute the script, the system evaluates the script output against your specified detection logic to detect Custom QID.

Introduced Lab Asset Tags for Lab Assets

We have introduced a new feature that allows you to execute and test scripts on lab assets using lab asset tags. This feature eliminates the need to manually select individual assets and allows you to specify one or more lab asset tags for script testing.
To use this feature, add the existing required tags to the lab asset tags list and specify these tags while testing scripts.

To view, add, or delete lab asset tags, navigate to Configuration > Lab Assets > Manage Lab Asset Tags.

Only a user with a Manager role has access to create, add, edit, or delete the lab asset tags. Other users can only view the lab asset tags.

Improved the Script Testing Flow

With the release, you can use lab asset tags to add assets for script testing. This helps in adding assets in bulk for script evaluation. Earlier, you could select assets manually for script evaluation.
To add the assets based on lab asset tags, select the lab asset tags while testing the script. The script is evaluated on the assets associated with the selected lab asset tags.

For more information, refer to the CAR Online Help.

API Enhancements

We have enhanced the CAR APIs to include support for lab asset tags and Custom QID detection features and introduced two new APIs for managing lab asset tags. For more information on these APIs, refer to the Qualys Custom Assessment and Remediation 2.5 API Release Notes.

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.