Release 3.19

October 17, 2024

What's New?

The following are the new features and enhancements provided by the Qualys Cloud Platform 3.19.0 release.

Administration

New feature - Activity Logs 

Before this release, the Activity Logs feature was available only to limited customers. With this release, it is now available to all customers.

As shown in the following screen capture, click the Activity Logs tab from the Administration utility. You can then see the Activity Logs and Reports tab.

 The Activity Logs tab is visible to the Super Users and Users with admin permissions and Manager roles.

Activity Logs and Reports tab.

  • You can capture activities or actions from various modules across the Qualys platform and make them available in one place.
  • You can create and download activity logs reports. Also, you can view the list of reports created earlier, where you can see details, such as report name, the user who created the report, report status, etc.
  • You can enter the Qualys Query Language (QQL) query using the activity log tokens and view the required activity log details.
  • You can filter your action logs by selecting the required filters from the left pane, such as Action, Users, Module, or User Role. You can also use these filters in combination.

To know more about the Activity Logs functionality, refer to the Online Help.

Restructuring of Tabs

Previously, the Role Management and Defaults tabs were visible under the Users tab. With this release, these tabs are restructured. 

Before After

Old Admin UI tab.

Restructured Admin UI tabs.

 

Cloud Agent

New Feature - Trigger Alerts for Insufficient Licenses

With this new feature, the Cloud Agent user interface helps keep you informed of your insufficient licenses. When you exhaust all your licenses to activate Cloud Agents and your license count becomes zero, the Cloud Agent user interface displays alerts for it.

The license usage alerts are enabled by default for all the applications in your subscription.

Insufficient License Alert screen.

Support to Log Activation Key Changes

To trace the changes, the activation key configuration logs are displayed in the Administration application. The activation key change log contains details such as the log title and changes made to the activation key.

With this enhancement, this feature gives you more detailed logs for activation key edits such as activation key title change and activation key limit change.

To view the activation key change logs, navigate to the Activity Logs tab in the Administration application.

Activation Key change logs.

Installation Instructions for MacOS Cloud Agents

The Cloud Agent user interface displays the installation instructions to aid you in the installation process. With its latest enhancement, we have updated the installation instructions for MacOS Cloud Agent to support the updated installer package name.

To see the Install Instructions, select the platform type for your Cloud Agent and click Install Instruction.

MacOS Install Instructions.

New Tokens for Cloud Agent UI

The following new token(s) is/are added to the Cloud Agent UI.

Token Description
agentPlatform:<value> Use this token to search the assets based on the platform type.

Select one of the following values for this token: WINDOWS, LINUX, MACOSX, AIX,
BSD, LINUX_ARM, LINUX_AWSBR,
LINUX_AWSBR_ARM, LINUX_COREOS,
LINUX_GCPCOS, LINUX_PPC64, 
LINUX_PPC64LE, LINUX_S390X,
LINUX_UBUNTU, LINUX_UBUNTU_ARM, LINUX_UBUNTU_S390X, MACOSX_M1, 
SOLARIS_SPARC, SOLARIS_X86, GENTOO_LINUX.

For example, to search the assets with the Linux ARM platform.

agentPlatform:"LINUX_ARM"

This query generates a list of assets whose platform type matches the selected value, such as Linux ARM.

Removed Tokens from Cloud Agent User Interface

The following unused token(s) are removed from the Cloud Agent user interface.

Token Description
pendingActivationForModules This token was used to generate the list of applications that were pending activation for a Cloud Agent.

Download Software Component List or Software Bill of Materials in Cyclone Dx Format

With this release, you can download the list of software components or Software Bill of Materials (SBOM) on host assets in the Cyclone Dx format from asset details.

To download the software component list, in the asset details, click Software Components > Download

In the Datalist Download dialog box, select the Software Bill of Materials (SBOM) and the schema version for doanloading the report. 

This feature is available only for the assets for which SwCA is activated. 

Continuous Monitoring

Support for IPv6 Addresses in Monitoring Profile

In the Continuous Monitoring application, you can select the host assets you want to monitor using either the asset tags or IP address/range. However, Continuous Monitoring previously supported only IPv4 addresses to specify the host assets in the monitoring profile. With this enhancement, Continuous Monitoring now allows you to specify the host assets using the IPv6 addresses as well.

The Continuous Monitoring application supports creating asset tags with IPv4 addresses, whereas asset tags creation using IPv6 addresses is not supported.

SAQ pill

  Security Assessment Questionnaire

Enhancement in Excel Template

We have improved our Excel Template. We have added three additional columns AnswerScores, AnswerCommentRequired, and AnswerAttachmentRequired. Now you can add scores, comments, and attachments for each answer option directly within the template. Earlier, these details had to be entered manually through SAQ UI after importing the Excel template.

The introduction of these new columns in the Excel template may affect the automation process when entering data. You need to add these three new columns to the Excel template before entering data.

Ensure to follow those recommendations before importing the template.

  • Answer scores, answer comments, and answer attachment order must be the same within the answerOptions.
  • AnswerScores are supported for the following question types: drop-down, boolean, multi-select, and single-select questions.
  • AnswerCommentsRequired and AnswerAttachmentRequired are supported only for drop-down, single-select, and multi-select questions.

Issues Addressed

Category/Component Application Description
Cloud Agent UI Cloud Agent When an asset is provisioned, it shows two IPs: the host IP and 0.0.0.0. We fixed this issue by adding a check that if the IP address is 0.0.0.0, it is not shown in the network information tab.
Portal VMDR We fixed an issue where the VM Scan API failed due to incorrect data received from connectors when it got stuck in the queued state.

Impacted API-
POST: /qps/rest/api/2.0/fo/scan/?action 
WAS API WAS We fixed an issue where WAS Scan API generated an HTTP Error with error code 400 while searching for some specific scan IDs.

Impacted API-
GET: /qps/rest/3.0/get/was/wasscan/<id>
WAS API WAS We fixed an issue where the Scan Again API could not launch a scan when the previous scan was launched from the New-WAS user interface on an external scanner.

Impacted API-
POST: /qps/rest/3.0/scanagain/was/wasscan/<id>
SAQ UI SAQ We made relevant code changes to address an issue where users got an error in the Edit Section while editing a template.
SAQ UI SAQ We addressed an issue in which a user reported that a vendor completed an assessment and could see the response, but the dashboard did not display a risk rating of high, medium, or low. This issue occurred because the vendor did not provide an actual answer and only added a comment. Now, selecting an answer is mandatory before commenting.