Release 3.3.2.0

January 10, 2025

What's New?

CSAM and GAV pill.

CyberSecurity Asset Management and Global AssetView

Insights into Software Component Details

Before this release, you could discover the installed open-source software, libraries, and the associated vulnerabilities on your assets using the SwCA scan. 

With this release, we introduced a new tab, Components, under the Inventory > Software tab, where you can see the software components collected during the SwCA scan. These details are visible on the Components tab only after the SwCA scan is completed and the CSAM 3.3.2.0 is deployed.

Components tab.

Abstract of Other Capabilities Available from Components TabAbstract of Other Capabilities Available from Components Tab

  • Upon clicking the View Install List option from the Quick Actions menu of the specific software component, you can see all the details, such as the asset name, operating system, and component installation path. As an example, refer to the following GAV screenshot:

    Component details.
  • Upon clicking the count under the Asset Installations column, you can view all assets associated with that component.As an example, refer to the following GAV screenshot:

    component and associated assets.

One of the important enhancements made is increasing the inventory count of software components shown on the Asset Details page from 2K to 20K. This count is shown on the Installed Software tab from the Inventory section and the Software Composition Analysis (SCA) tab from the Security section on the Asset Details page. For more information, refer to the Online Help.

Asset Details Page - Installed Software tab details.

Asset Details Page - SCA tab details.

With this release, we also introduced two new APIs for obtaining the component details from the SwCA scan. For more information, refer to the New APIs to Get Insights into Software Component Details section.

Also, learn more about the new QQL search tokens that you can use from CSAM and GAV.

Enhanced User Interface (UI 4.0) of the Qualys Cloud Platform

Introducing the new and improved UI with the following key upgrades:

Enhanced Navigation for a Streamline User ExperienceEnhanced Navigation for a Streamline User Experience

Left Navigation bar.

  1. The vertical navigation bar on the left side of your screen offers quick access to modules, keeping your workspace organized. You can hover over the bar to view or hide icon labels as needed.
  2. The secondary navigation bar has been redesigned for a more intuitive user experience. Sub-menu options are displayed in a horizontal bar at the top, allowing easy access to features. Active tabs are highlighted in bold, making your current selection clear.
  3. The Tertiary options appear under the secondary bar, with fourth-level items shown as tabs or capsules. The selected item is highlighted for easier navigation.

Refreshed DashboardRefreshed Dashboard

We have improved our dashboards for better accessibility, color scheme, typography, and data interpretation. These updates ensure easy information consumption for all users.

Standardized UI Elements for Seamless NavigationStandardized UI Elements for Seamless Navigation

We have standardized the look and feel across all modules to enhance usability and ease of transition, reducing the learning curve for a more intuitive experience. These updates ensure that transitioning between modules is seamless and intuitive.

Example - Standardized UI Elements.

See it in Action

Watch this video to explore the new UI and discover the key enhancements made to improve your experience!

Enhanced UI Rollout Starting January 2025

The enhanced user interface will be rolled out in phases starting January 2025. You will receive in-platform notifications and email updates to guide you through the transition. Compatibility is seamless, with no additional setup required.

Get Ready for Qualys UI 4.0.

  • You can update your preference by switching between the Old and New UI using the toggle option until Day 90.

    Old and New UI toggle option.

  • If no preference is set, the platform will default to the New UI after the 30-day transition period.

Learn More

  • Explore the full details of these updates! Check out our blog for insights.
  • For more information on the rollout phase, refer to the Frequently Asked Questions.

Platform Name Change Update

We are renaming the Qualys Cloud Platform to the Qualys Enterprise TruRisk Platform. This change highlights Qualys' commitment to empowering CISOs, cybersecurity professionals, and risk stakeholders to effectively measure and mitigate the impact of cyber risk on their organizations. 

The Qualys Enterprise TruRisk Platform is the only cybersecurity and risk management solution that enables you to measure, communicate, and eliminate cyber risk across the extended enterprise with precise remediation and mitigation actions. 

This update does not affect the platform’s functionality or features. Starting in January 2025, the name change will be implemented in phases across all product interfaces. 

For more information, check out this blog.

CSAM pill.

CyberSecurity Asset Management

Enhancement to the EASM Vulnerability Details Report

Before this release, you could not exclude the IG-type QID details from the EASM Vulnerability Details report. With this release, a new checkbox, Information, is added under the Exclude Vulnerabilities section on the Report Source page of the EASM Vulnerability Details report.

This checkbox is selected by default; in this case, the IG-type QID details are excluded from the report when created. If you clear the checkbox, the IG-type details are included in the report.

 If you edit the existing EASM Vulnerability Details report, the Excluded Vulnerabilities checkbox is cleared. You can select the checkbox to exclude the IG-type details from the report.

Information checkbox to include or exclude the IG-type QID details.

New APIs to Get Insights into Software Component Details

With this release, we have introduced the following two new APIs. For more information, refer to the CSAM 3.3.2.0 API Release Notes.

  • List of Software Components for All Assets: Use this API to get the list of all components discovered from the SwCA scan.
  • List Software Components for Specific Asset ID: Use this API to get the list of software components for a specific assetId discovered from the SwCA scan.

New QQL Tokens

Refer to the following table to learn more about new QQL tokens for CSAM and GAV:

Token  Tab  Description

component.name

Inventory > Software > Components tab

Asset Details page > Security Section > Software Composition Analysis (SCA)Components tab

 

 

Find the software components for the specified component name. 

component.version

Find the software components for the specified version.

component.technology

Find the software components for the specified technology.

Issue Addressed

The following reported and notable customer issue is fixed in this release.

Component/Category Description
CSAM+GAV-Asset Details We fixed the issue where, for some of the assets, the installed software details were not found on the Asset Details page.

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.