Release 3.0.0.0
June 21, 2024
What's New?
CyberSecurity Asset Management
The following are the new features available with the CSAM subscription.
Technology Debt Report
Before this release, VMDR customers with in-product workflow could generate the automated Technology Debt (Tech Debt) PDF report. GAV customers could also generate and download this report on a request basis. With this release, we extended automated Technology Debt (Tech Debt) report generation to CSAM (Trial and Full) subscriptions.
The Tech Debt Report for CSAM (trial and full) users is available on a request basis. Contact your Technical Account Manager or Qualys Support.
Refer to the Technology Debt Report section from the CSAM 2.18 UI Release Notes to know more about the features and benefits of the Tech Debt report. Refer to the Online Help to know more about generating the Tech Debt Report from CSAM.
Unresolved Domains Report
With this release, we introduced the Unresolved Domains Report. From this report, you can get details, such as the Domain, Subdomain, Registrar, Registrant org, Registrant Email ID, and Creation Date for the unresolved domains and subdomains you selected.
First Found Date and Last Updated Date Columns in Reports
You can add the First Found Date and Last Updated Date columns while creating reports.
The Certificate Details and Unresolved Domains reports are exceptions.
After downloading the report, the First Found and Last Updated dates are shown based on the timezone selected when creating it.
Example: Asset Open Ports Details Report
CVE or QID Option Introduced to EASM Lightweight Scan-Based Vulnerability Details Report
While downloading the report for vulnerabilities detected using the EASM lightweight scan, you can now see CVE and QID options on the Download Formats page. When you select the CVE option, the report includes the CVE details for the QIDs.
The EASM Lightweight Scan feature is available to limited customers as an early preview on a request basis. Contact your Technical Account Manager or Qualys Support. To know more about this feature, refer to the EASM Lightweight Scan section from the CSAM 2.18 UI Release Notes.
TruRisk Score Option Added to the Add Widget to Dashboard
With this release, a new option, TruRisk Score, has been added to the Add Widget to Dashboard. You need to select the EASM application and Vulnerabilities option.
After you create the TruRisk Score widget based on the QQL you provided, you can see the important TruRisk details, such as TruRisk score, the total contributing vulnerabilities, and their breakdown.
CyberSecurity Asset Management and Global AssetView
The following are the new features available with the CSAM and GAV subscriptions.
Open Ports Option Introduced to Add Widget to Dashboard
For CSAM and GAV, Open Ports is a new option added to the Add Widget to Dashboard. You can create the Open Ports widgets, such as Open Ports discovery Sources, Open Ports detected service, and Open Ports protocol, based on the QQL you enter in the Widget Query field. Note that in the case of GAV, openPorts:(detectionScore: and openPorts:(authorization: QQLs are not supported.
API Enhancement
Using the CSAM V2 and V1 APIs, you can now view the details of running software instances. The newly added "softwareInstances" field in the API response provides details of the software instances and metadata for each software. For more information, see CSAM 3.0 API Release Notes.
New Tokens
Refer to the following table to learn more about the tokens added to CSAM and GAV. The following tokens are shown on the Inventory > Assets and Dashboard tabs.
Token | Description |
vmManifestVersion | Use the manifest version to find host assets, where a VM scan is performed using the specific manifest version. |
pcManifestVersion | Use the manifest version to find host assets, where a PC scan is performed using the specific manifest version. |
udcManifestVersion | Use the manifest version to find host assets, where the UDC scan is performed using the specific manifest version. |
middlewareManifestVersion | Use the manifest version to find host assets, where a middleware scan is performed using the specific manifest version. |
scaManifestVersion | Use the manifest version to find host assets, where an SCA scan is performed using the specific manifest version. |
The following tokens are shown on the Inventory > Certificates tab.
Token | Description |
instance:(lastEasmScanDate | Use a date range or specific date to find instances based on the last EASM scan date. |
instance:(lastFound | Use a date range or specific date to find when the instances were last found. |
Issues Addressed
The following reported and notable customer issues have been fixed in this release.
Component/Category | Description |
CSAM+GAV - EASM Discovery | We fixed the issue where the certificate ID with the latest timestamp was not shown when a certificate was updated or renewed. |
CSAM+GAV - Asset Mapper | We fixed the issue where, at times, the dynamic tags were shredded from the assigned objects. |
CSAM+GAV - Asset Mapper | We fixed the issue where the Cisco device's lifecycle information was not shown in the CSAM application. |
CSAM+GAV - Signatures | We fixed the issue where the correct version of the CrowdStrike Falcon sensor was not shown. |
CSAM+GAV - Signatures | We fixed the issue where the Oracle WebLogic software Lifecycle details were shown as Not Applicable/Unknown. |
CSAM+GAV - Asset Mapper | We fixed the issue where the hardware manufacturer/model details were not updated on the CSAM application. |