Enterprise TruRisk Management Release 1.8.1
April 14, 2026
Attach Supporting Evidence to Review and Close Findings
The Supporting Artifacts feature lets you attach files or links as evidence to findings. This makes it easier to review or close findings while maintaining a clear record of supporting evidence. You can use this feature from the Findings tab for one or more findings at a time. You can upload several files at once.
This feature is available upon request; contact Qualys support or your Technical Account Manager (TAM) to activate it for your account.
You can use this feature to:
- Justify why you closed findings.
- Attach supporting evidence (files or links) to findings.
- Track the history of actions and evidence.
- Store all supporting evidence within the platform.
- Consolidate all files and links in one place.
The benefits of Adding Supporting Artifacts are:
- Audit and Compliance
You can create a clear audit trail by attaching evidence, reducing compliance risk, and accelerating audit processes.
- Transparency and Accountability
You can provide verifiable proof that supports evidence-based decisions and builds trust and accountability.
- Knowledge Retention
You can keep records of past decisions, and evidence streamlines onboarding and delivers better insights.
- Risk Reduction
You can validate findings to prevent mistakes and avoid premature issue closure.
Access Permissions
The Manager user can add, update, or delete supporting evidence, while all other users can view it.
To Add Supporting Artifacts, navigate to ETM > Risk Management > Select the Findings. From the Actions menu, click Add Supporting Artifacts.
In the Risk Management tab, a new column is added to display the Supporting Artifacts.
You can view the option to add supporting artifacts on the CVE details page.
To add the Supporting Artifacts, navigate to ETM > Risk Management > Select the Findings.
View the details of the selected findings. The highlighted section in Finding Details displays the option to add Supporting Artifacts.
Asset Visibility for Unified Asset Inventory (UAI) Enabled Accounts
You can now view software details and open port information for your assets using the Software and Open Ports tabs in UAI‑enabled accounts.
This visibility helps you:
- Access all relevant asset insights in one place, reducing the need to switch between multiple tools or reports.
- Track software life cycle (including end-of-life) and authorization status to support audit and compliance requirements.
- Identify potential vulnerabilities early (for example, risky open ports or unsupported software) and take action before issues escalate.
Software Tab
View all software across your assets, including license details, platform, lifecycle status, end-of-life information, and authorization status.
Open Ports Tab
Monitor open ports across your assets to better understand exposure and manage potential security risks.
Introduced a New Token for Findings
|
Token |
Tab |
Description |
|---|---|---|
|
finding.nonRunningKernel |
Risk Management > All Risk Management > Vulnerabilities Risk Management > Vulnerabilities > Asset (sub tab) Risk Management > Vulnerabilities > Asset > Asset Details Dashboard > Query Settings > Assets > Finding Query |
Use the token values TRUE or FALSE to display findings associated with non-running kernels.
|
Issues Addressed
The following reported issues are fixed in this release.
| Component | Description |
|---|---|
| ETM Findings | Duplicate findings caused due to case differences, such as Windows 11 23h2 versus Windows 11 23H2 are no longer created. Findings are now consolidated by ignoring case differences, improving result accuracy and reducing duplication. |
|
TruRisk™ Customization |
Some users were unable to access asset details from the Inventory view and received an unauthorized access message. You can now successfully open and view full asset details, including TruRisk, from the inventory on your assigned tag scope, ensuring consistent access across views and smoother daily workflows. |