Qualys Endpoint Detection and Response
Endpoint Detection and Response (EDR) captures system activity to find indicators of compromise and action related to malware and threat actors that support investigation and response. It provides prevention, detection, and response across the entire attack life cycle. You only need one agent to perform critical security functions and respond to and remediate incidents in real-time. EDR provides active real-time monitoring and data collection and requires constant inspection, scanning, and data collection. To get started with EDR, build your inventory and configure cloud agents.
EDR Concepts and Terminologies
Following are some of the common concepts and terminologies that you might come across while using EDR:
| Terms | Description |
| Dashboard | It visualizes a graphical summary of data such as vulnerabilities, assets, and other information. You can perform multiple actions on the dashboard, such as print dashboard, import dashboard, and version history. For more information, see Manage Dashboards. |
| Criticality | Criticality is also known as Asset Criticality Score (ACS). It has a criticality range from 1 to 5 and is calculated based on the asset tags assigned. For more information, see Understanding Asset Criticality Score. |
| QQL | It is an acronym for Qualys Query Language. Using QQL, you can search queries to fetch information from the Qualys database. The query is a string of search attributes called search tokens. For more information, see Search Tokens for EDR . |
| Tags | It is a flexible and scalable method to discover and organize assets in your infrastructure. For more information, see Configure Tags. |
| TruRisk Score | It is a framework that allows you to identify the riskiest asset in your organization. Asset Criticality is the primary factor when the TruRisk score determines an asset's risk. For more information, see Prioritize Vulnerabilities using Qualys TruRisk. |
| Widgets | Data displayed in dashboards is summarized using the widgets. You can use widgets such as Numerical, Bar, Table, and TruRisk Score to display specific information. Widgets can be added to new or existing dashboards. For more information, see Knowing Widgets. |
About this Document
This document includes the UI Release Notes and API Release Notes.
- UI Release Notes consist of the release highlights or What's New for every release, new QQL tokens introduced, and a summary of customer CRMs fixed.
- API Release Notes consist of the new and updated API details and other important details, like the API deprecation timeline.
Know Your Qualys API Server URL
Depending on the Qualys platform where your account is located, you should use the Qualys API server URL for API requests. Click here to identify your Qualys platform and get the API URL.
For the API Release Notes, instead of providing any platform-specific URL, <qualys_base_url> is mentioned in the sample API requests. If you are on another platform, replace this URL with the appropriate gateway URL for your account.
Previous Release Notes
Refer to the Release Notes page for previous release notes in PDF.