Release 3.3.2.0

January 10, 2025 (Updated on February 27, 2025)

What's New?

CyberSecurity Asset Management and Global AssetView

The following are the new features available with the CSAM and GAV subscriptions.

Insights into Software Component Details

Before this release, you could discover the installed open-source software, libraries, and the associated vulnerabilities on your assets using the SwCA scan. 

With this release, we introduced a new tab, Components, under the Inventory > Software tab, where you can see the software components collected during the SwCA scan. These details are visible on the Components tab only after the SwCA scan is completed and CSAM 3.3.2.0 is deployed.

Components tab.

  • 47.9 K components highlighted in the screenshot are installed on various assets on different paths.
  • 15761 are the unique components discovered/fetched.
  • When you download the component report, the unique component details are downloaded.

A maximum of 50 K components can be downloaded.

Abstract of Other Capabilities Available from Components Tab

  • Upon clicking the View Install List option from the Quick Actions menu of the specific software component, you can see all the details, such as the asset name, operating system, and component installation path. As an example, refer to the following GAV screenshot:

    Component details.
  • Upon clicking the count under the Asset Installations column, you can view all assets associated with that component. As an example, refer to the following GAV screenshot:

    component and associated assets.

One of the important enhancements made is increasing the inventory count of software components shown on the Asset Details page from 2K to 20K. This count is shown on the Installed Software tab from the Inventory section and the Software Composition Analysis (SCA) tab from the Security section on the Asset Details page. For more information, refer to the Online Help.

Asset Details Page - Installed Software tab details.

Asset Details Page - SCA tab details.

With this release, we also introduced two new APIs for obtaining the component details from the SwCA scan. For more information, refer to the New APIs to Get Insights into Software Component Details section of these Release Notes.

To learn the QQL tokens that you can use from CSAM and GAV, refer to the New QQL Tokens section of these UI Release Notes.

Enhanced User Interface (UI 4.0) of the Qualys Cloud Platform

Introducing the new and improved UI with the following key upgrades:

Enhanced Navigation for a Streamlined User Experience

Left Navigation bar.

  1. The vertical navigation bar on the left side of your screen offers quick access to modules, keeping your workspace organized. You can hover over the bar to view or hide icon labels as needed.
  2. The secondary navigation bar has been redesigned for a more intuitive user experience. Sub-menu options are displayed in a horizontal bar at the top, allowing easy access to features. Active tabs are highlighted in bold, making your current selection clear.
  3. Tertiary options appear under the secondary bar, with fourth-level items shown as tabs or capsules. The selected item is highlighted for easier navigation.

Refreshed Dashboard

We have improved our dashboards for better accessibility, color scheme, typography, and data interpretation. These updates ensure easy information consumption for all users.

Standardized UI Elements for Seamless Navigation

We have standardized the look and feel across all modules to enhance usability and reduce the learning curve, so that transitioning between modules is seamless and intuitive.

Example - Standardized UI Elements.

See it in Action

Watch this video to explore the new UI and discover the key enhancements made to improve your experience!

Enhanced UI Rollout Starting January 2025

The enhanced user interface will be rolled out in phases starting January 2025. You will receive in-platform notifications and email updates to guide you through the transition. Compatibility is seamless, with no additional setup required.

Get Ready for Qualys UI 4.0.

  • You can update your preference by switching between the Old and New UI using the toggle option until Day 90.

    Old and New UI toggle option.

  • If no preference is set, the platform will default to the New UI after the 30-day transition period.

Learn More

  • Explore the full details of these updates! Check out our blog for insights.
  • For more information on the rollout phase, refer to the Frequently Asked Questions.

Platform Name Change Update

We are renaming the Qualys Cloud Platform to the Qualys Enterprise TruRisk Platform. This change highlights Qualys' commitment to empowering CISOs, cybersecurity professionals, and risk stakeholders to effectively measure and mitigate the impact of cyber risk on their organizations. 

The Qualys Enterprise TruRisk Platform is the only cybersecurity and risk management solution that enables you to measure, communicate, and eliminate cyber risk across the extended enterprise with precise remediation and mitigation actions. 

This update does not affect the platform’s functionality or features. Starting in January 2025, the name change will be implemented in phases across all product interfaces. 

For more information, check out this blog.

CyberSecurity Asset Management

The following are the new features available with the CSAM subscription.

Enhanced Domain Resolution Accuracy with Additional DNS Sources

In addition to the existing SHODAN DNSDB, SHODAN GeoDNS, and Google DNS sources, we added two new DNS sources, Cloudflare and Quad9, to enhance the DNS resolution and make it more robust.

Additionally, we provided the capability of viewing the DNS sources for assets. To see the DNS sources, navigate to the Asset Details Page > Security section > External Attack Surface tab and click the DNS DATA tab. Under the Sources column, you can see the DNS sources used to fetch the DNS record.

Asset DNS sources.

Enhancement to the EASM Vulnerability Details Report

Before this release, you could not exclude the IG-type QID details from the EASM Vulnerability Details report. With this release, a new checkbox, Information, is added under the Exclude Vulnerabilities section on the Report Source page of the EASM Vulnerability Details report.

This checkbox is selected by default; in this case, the IG-type QID details are excluded from the report when created. If you clear the checkbox, the IG-type details are included in the report.

If you edit the existing EASM Vulnerability Details report, the Excluded Vulnerabilities checkbox is cleared. You can select the checkbox to exclude the IG-type details from the report.

Information checkbox to include or exclude the IG-type QID details.

EASM Performance Improvements

E-mail Registrant Lookup

You can now auto-discover more assets and domains without adding them to the catalog or EASM configuration.

Earlier, EASM could find all domains linked to an email address using domains from the catalog. The latest update improves this process by performing recursive lookups on the Email Domain field, allowing it to discover additional related domains. If a new domain is identified from an existing one, the service uses that newly found domain as an email domain to continue the search, enabling more comprehensive domain enumeration.

CNAME Records Improvement

You can now auto-discover more assets and domains by following the CNAME chain.

Earlier, only the SHODAN DNS database and DNS APIs were used to fetch CNAME records for many subdomains, and recursive lookups were not performed on CNAME records. So, it wasn't possible to follow the chain of CNAME resolutions to find more associated domains.
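The recursive email-domain lookup and the CNAME chain following described above can be sketched as follows. This is an added example, not Qualys code: the in-memory REGISTRANT_INDEX and CNAME_RECORDS tables, the function names, and the max_hops limit are assumptions, and all records are constructed sample data.

```python
from collections import deque

# Constructed sample data (not real records): for each email domain, the
# domains whose registrant contact uses an address at that email domain.
REGISTRANT_INDEX = {
    "example.com": {"example.com", "example-corp.net"},
    "example-corp.net": {"example-corp.net", "example-labs.org"},
    "example-labs.org": {"example-labs.org"},
}
# Constructed CNAME records: name -> canonical target.
CNAME_RECORDS = {
    "shop.example.com": "store.example-cdn.net",
    "store.example-cdn.net": "edge.example-cdn.net",
    "loop-a.example.com": "loop-b.example.com",
    "loop-b.example.com": "loop-a.example.com",
}

def discover_by_registrant(seed_domains, index=REGISTRANT_INDEX):
    """Breadth-first search: every newly found domain is reused as an email
    domain, and the visited set guarantees termination."""
    found = set(seed_domains)
    queue = deque(seed_domains)
    while queue:
        email_domain = queue.popleft()
        for domain in sorted(index.get(email_domain, ())):
            if domain not in found:
                found.add(domain)
                queue.append(domain)
    return found

def follow_cname_chain(name, records=CNAME_RECORDS, max_hops=16):
    """Return (chain, status); status is 'resolved', 'loop' or 'too_long'."""
    chain = [name]
    seen = {name}
    while chain[-1] in records:
        target = records[chain[-1]]
        if target in seen:          # misconfigured zone: CNAME cycle
            return chain, "loop"
        if len(chain) > max_hops:   # hypothetical safety limit on chain length
            return chain, "too_long"
        chain.append(target)
        seen.add(target)
    return chain, "resolved"

if __name__ == "__main__":
    print(sorted(discover_by_registrant(["example.com"])))
    print(follow_cname_chain("shop.example.com"))
    print(follow_cname_chain("loop-a.example.com"))
```

Every name returned by either function is a candidate for the asset inventory; a chain that ends in "loop" or "too_long" is worth flagging as a DNS misconfiguration rather than silently dropping.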

More Coverage of SSL Certificates

You can now get more coverage on SSL certificates.

Earlier, EASM could index the SSL certificates only if the Common Name (CN) in the certificates matched one of the enumerated domains. With the latest enhancement, the Subject Alternative Name field is also considered in addition to CN. Additionally, another check is introduced to verify if the IP addresses are also part of an ASN belonging to the domain or its subsidiaries. The SSL certificate is indexed if any of these conditions are met using OR logic.
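The indexing rule described above (CN match, OR SAN match, OR IP address inside the organization's ASN) can be expressed as the following added example, which is not Qualys code. The function names, the one-label wildcard matching rule, and the modeling of an ASN as a list of announced prefixes are assumptions; all certificates and addresses are constructed.

```python
import ipaddress

# Constructed inputs: enumerated domains and the prefixes announced by the
# organization's ASN (documentation ranges, not real allocations).
ENUMERATED = ["example.com", "www.example.com"]
ORG_PREFIXES = ["192.0.2.0/24"]
SAMPLE_CERTS = [
    {"cn": "www.example.com", "san": [], "ip": "198.51.100.10"},
    {"cn": "edge.example-cdn.net", "san": ["www.example.com"], "ip": "198.51.100.11"},
    {"cn": "internal.example.test", "san": [], "ip": "192.0.2.44"},
    {"cn": "unrelated.example.org", "san": ["*.example.org"], "ip": "203.0.113.5"},
]

def _norm(name):
    return name.strip().rstrip(".").lower()

def name_matches(cert_name, enumerated):
    """Exact match, or a wildcard covering exactly one label (assumed rule)."""
    cert_name = _norm(cert_name)
    for domain in map(_norm, enumerated):
        if cert_name == domain:
            return True
        if cert_name.startswith("*.") and "." in domain:
            if domain.split(".", 1)[1] == cert_name[2:]:
                return True
    return False

def index_reasons(cert, enumerated=ENUMERATED, org_prefixes=ORG_PREFIXES):
    """Return every condition that qualifies the certificate (OR logic);
    an empty list means the certificate is not indexed."""
    reasons = []
    if name_matches(cert["cn"], enumerated):
        reasons.append("cn")
    if any(name_matches(s, enumerated) for s in cert.get("san", [])):
        reasons.append("san")
    ip = ipaddress.ip_address(cert["ip"])
    if any(ip in ipaddress.ip_network(p) for p in org_prefixes):
        reasons.append("asn")
    return reasons

def coverage(certs=SAMPLE_CERTS):
    """Count certificates indexed under the CN-only rule and the new rule."""
    before = sum(1 for c in certs if name_matches(c["cn"], ENUMERATED))
    after = sum(1 for c in certs if index_reasons(c))
    return before, after
```

On the constructed sample, the CN-only rule indexes one certificate and the combined rule indexes three, which illustrates the kind of coverage gain the release note describes.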

New APIs to Get Insights into Software Component Details

With this release, we have introduced the following two new APIs. For more information, refer to the CSAM 3.3.2.0 API Release Notes.

  • List of Software Components for All Assets: Use this API to get the list of all components discovered from the SwCA scan.
  • List Software Components for Specific Asset ID: Use this API to get the list of software components for a specific assetId discovered from the SwCA scan.

New QQL Tokens

Refer to the following table to learn more about new QQL tokens for CSAM and GAV:

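Token | Tab | Description
component.name | Inventory > Software > Components tab; Asset Details page > Security Section > Software Composition Analysis (SCA) Components tab | Find the software components for the specified component name.
component.version | Inventory > Software > Components tab; Asset Details page > Security Section > Software Composition Analysis (SCA) Components tab | Find the software components for the specified version.
component.technology | Inventory > Software > Components tab; Asset Details page > Security Section > Software Composition Analysis (SCA) Components tab | Find the software components for the specified technology.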

Issue Addressed

The following reported and notable customer issue is fixed in this release.

Component/Category | Description
CSAM+GAV-Asset Details | We fixed the issue where, for some of the assets, the installed software details were not found on the Asset Details page.