Enterprise TruRisk™ Platform Release 3.21
May 12, 2025
 |
Cloud Agent |
Introducing Qualys Policy Audit
We are introducing a new tool, Qualys Policy Audit. This tool allows you to continuously monitor the compliance status of your assets and keeps you audit-ready.
Check out our blog for insights to discover the key enhancements designed to improve your audit readiness.
The following are the two different methods to activate Policy Audit for your Cloud Agent:
| Activation Method | Activation Path |
|---|---|
| Activate Policy Audit while creating an activation key | Navigate to Agent Management > Activation Keys tab and click New Key. Select the checkbox for Policy Audit.
|
| Activate Policy Audit for installed Cloud Agent | Navigate to Agent Management > Agents tab and select a Cloud Agent from list. In the Quick Actions menu, click Activate Agent option and switch Policy Audit tag to ON.
|
Qualys Policy Audit application is not available by default. To get this application enabled for your subscription, contact Qualys Technical Account Manager or Qualys Support.
New Tokens
We introduced the following new token(s) in the Cloud Agent.
| New Token | Description |
|---|---|
| paLastManifestVersionProcessed | Use this token to find the assets with the last Policy Audit manifest version processed by the Cloud Agent. Syntax: paLastManifestVersionProcessed: "VULNSIGS-PA-2.5.999-6"
|
Token Updates
We have updated the following Cloud Agent tokens.
| Updated Token | Description |
|---|---|
| activatedForModules | Use this token to find the assets that are activated for specified modules. We have updated this token to support the new Policy Audit (PA) module. Example: Find the assets activated for Policy Audit and Vulnerability Management. Sample search query - activatedForModules: "PA, VM"
|
| middlewareLastManifestVersionProcessed | We have renamed the middlewareManifestVersion token to middlewareLastManifestVersionProcessed. Use this token to find the assets with the last Middleware manifest version processed by the Cloud Agent. Syntax - middlewareLastManifestVersionProcessed: "VULNSIGS-MIDDLEWARE-SCAN-2.5.884-2"
|
| pcLastManifestVersionProcessed | We have renamed the pcManifestVersion token to pcLastManifestVersionProcessed. Use this token to find the assets with the last Policy Compliance (PC) manifest version processed by the Cloud Agent. Syntax - pcLastManifestVersionProcessed: "VULNSIGS-PC-2.5.889-6"
|
| vmLastManifestVersionProcessed | We have renamed the vmManifestVersion token to vmLastManifestVersionProcessed. Use this token to find the assets with the last Vulnerability Management (VM) manifest version processed by the Cloud Agent. Syntax - vmLastManifestVersionProcessed: "VULNSIGS-VM-0.49.0.0-18"
|
| scaLastManifestVersionProcessed | We have renamed the scaManifestVersion token to scaLastManifestVersionProcessed. Use this token to find the assets with the last Security Configuration Assessment (SCA) manifest version processed by the Cloud Agent. Syntax - scaLastManifestVersionProcessed: "VULNSIGS-SCA-2.5.891-2"
|
| udcLastManifestVersionProcessed | We have renamed the udcManifestVersion token to udcLastManifestVersionProcessed. Use this token to find the assets with the last PC UDC manifest version processed by the Cloud Agent. Syntax - udcLastManifestVersionProcessed: "UDCVULNSIGS-1014"
|
 |
Web Malware Detection |
New QIDs for Server Authentication Status in Web Malware Detection
We have introduced new QIDs to get visibility into server authentication used in malware scans in Web Malware Detection (MDS). These QIDs are available in the Detections and KnowledgeBase tabs and can be added to the reports.
The following table presents the new QIDs and descriptions.
| QID | Description |
|---|---|
| 206008 | This QID reports the detections for websites with server authentication enabled. |
| 206009 | This QID reports the detections for websites that are successfully logged in with server authentication. |
| 206010 | This QID reports the detection of websites that failed the server authentication login. |
Issues Addressed
The following important and notable issues are fixed in this release.
| Component/Category | Application | Description |
|---|---|---|
| Asset Purging | CSAM | We fixed an issue where users could not use the AWS account IDs while creating the purge rule for AWS instances, even when they had multiple AWS instances in their subscription. |
| Policy Evaluation | AssetView | We fixed an issue where an unknown policy, not present under the policy tab, was being evaluated for the assets. |
| Asset Purging | CSAM | We fixed an issue where users could not purge the assets that were never scanned under the VM scan by providing an option to purge or delete these assets from the inventory. |
| Tagging | Administration | We fixed an issue where users could not add the child tags for Administration - Rules and Scope by increasing the tag fetching limit. |
| Asset Identification | CSAM | We fixed an issue where the asset hostnames displayed by Cloud Agent and the connector were inconsistent. Now, we give precedence to the asset name fetched by Cloud Agent instead of connector for asset having Cloud Agent installed. |
| Reports | CSAM | We fixed an issue where the Last Synced Date for Agent field was not displayed in the scheduled report. |
| Asset Activation | CSAM | We fixed an issue where users were getting an error while activating assets from the Unmanaged Assets tab, as they were unable to fetch asset details. |
| WAS Scans | WAS | We fixed an issue where incorrect information was displayed in action logs for the scanner appliances when a scan was launched using the scanner pool tag. |
| WAS API | WAS | We fixed an issue in which some web application records did not display the application name in the Search WAS Scan API response. Impacted API: /qps/rest/3.0/search/was/wasscan
|