Enterprise TruRisk™ Platform Release 3.22.1
October 10, 2025
With this release of the Enterprise TruRisk™ Platform, we are introducing the following new features and enhancements.
 |
Cloud Agent |
Install FedRamp Compliant Cloud Agent
We have introduced a new variable in the Cloud Agent installation command to select a FedRamp-compliant package while installing the Cloud Agent. You can select the FEDRAMP={true|false} to install the FedRamp-compliant package for Windows Cloud Agents. This feature provides better control over FedRamp-compliant Cloud Agent deployment.
Sample Installation Command for installing FedRamp-compliant Cloud Agent:
QualysCloudAgent.exe ACTIVATIONID={xxxxxxx-xxxx-xxxx-xxxxxx} CUSTOMERID={xxxxx-xxx-xxx-xxx-xxx-xxxxx} WEBSERVICEURI=<qualys_platform_url>/CloudAgent/ FEDRAMP=true
Where,
- FEDRAMP=true: FedRamp-compliant Cloud Agent installation
- FEDRAMP=false: Normal Cloud Agent installation
- <qualys_platform_url>: Placeholder for Qualys Platform URL
The feature to select a FedRamp-compliant build for installation is available only for the Windows Cloud Agents.
Refer to Cloud Agent online help to learn more about installing the FedRamp-compliant Cloud Agent.
Display SwCA Configuration Profile Details in Cloud Agent Reports
We have updated the Software Component reports to display the SwCA Configuration Profile Details. This helps you identify the SwCA Configuration Profile associated with the respective software component.
Earlier, the SwCA Configuration Profile was displayed in the Cloud Agent reports, but the same information was not available in the Software Component Reports.
To download the Software Components report, select the desired asset from the Agent Management > Agents tab. In the Quick Actions menu, click View Asset Details. In the Software Components section, click Download.
Software to Component Mapping Data Collection
We introduced a new option in the SwCA configuration profile to enable the software to component mapping data collection. If you enable this option in the SwCA Configuration profile, SwCA automatically collects software to component mapping data at regular intervals.
This enhancement reduces the backlog in software to component mapping data and ensures that latest component data is available with SwCA for analysis.
By default, this feature is disabled. To enable it, select the Software Atlas checkbox in the SwCA Configuration profile.
Enhancements for Cloud Agent Report Download
We have updated the default download format for the Cloud Agent reports to .csv. Earlier, the default download format was .pdf. This enhancement is targeted to reduce the latency in the Cloud Agent report download process when the report is generated for more than 2000 assets.
The Cloud Agent PDF report can be downloaded for a maximum of 2000 assets. Downloading the PDF report for more than 2000 assets is not supported.
New Naming Conventions for Cloud Agent Packages
We have updated the naming convention of downloaded Cloud Agent packages to QualysCloudAgent_<version>_<platformType>.exe. Earlier, all the Cloud Agent packages were named as QualysCloudAgent.exe. The new naming convention helps you identify the Cloud Agent version and platform type without checking the properties.
For example, QualysCloudAgent_6.0.0.13_x86.exe.
In the installation command, the Cloud Agent package is referred to as QualysCloudAgent.exe. As we adopted the new naming convention for Cloud Agent packages, you must update the installation command with the proper downloaded package name. Using the old package name in the installation command will result in installation failure.
The following is the sample installation command for the QualysCloudAgent_6.0.0.13_x86.exe package.
QualysCloudAgent_6.0.0.13_x86.exe CustomerId={xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} ActivationId={xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} WebServiceUri=<qualys_platform_url>/CloudAgent/
New Tokens
We have introduced the following new tokens for Cloud Agent search.
| Token Name | Description |
|---|---|
| agent.downloadedManifestVersion | Use this token to search Cloud Agents that have downloaded a specific manifest version. Syntax agent.downloadedManifestVersion: `Manifest_Version`Example: Search Cloud Agents that have downloaded the PC-2.6.422.3-2 manifest. agent.downloadedManifestVersion: `VULNSIGNS-PC-2.6.422.3-2`
|
| agent.lastDeepScanDate | Use this token to search Cloud Agents using the last Deep Scan date. Syntax agent.lastDeepScanDate:<Date_Value>Example: Search Cloud Agents that have executed the Deep Scan on October 01, 2025. agent.lastDeepScanDate:01-10-2025
|
Token Updates
We have updated the following Cloud Agent Token(s):
| Token Name | Description |
|---|---|
| service.description | We renamed the token image.service.description to service.description.Use text values within quotes or backticks to find the service description you're looking for. Quotes can be used when the value has more than one word. Example: Show any findings with the given description service.description: Windows Event Log
|
| service.name | We renamed the token image.service.name to service.name.Use text values within quotes or backticks to find the service name you're looking for. Quotes can be used when the value has more than one word. Example: Show any findings with the given name service.name: eventlog
|
| service.status | We renamed the token image.service.status to service.status.Use text value within quotes or backticks to find the service status you're looking for. Quotes can be used when the value has more than one word. Example: Show any findings with the given status |
Issues Addressed
The following important and notable issues are fixed in this release:
| Category/Component | Application | Description |
|---|---|---|
| Cloud Agent Activation | Cloud Agent | We fixed an issue where the remaining license count was not displayed for the Patch Management, TruRisk Mitigate, and TruRisk Isolate applications when the License Count was not enforced for them. |
| SwCA Activation | Cloud Agent | We fixed an issue where SwCA bulk activation was not working as the process was getting stuck in the Activating state. |
| Cloud Agent Search | Cloud Agent | We fixed an issue where the search query for the Inactive Cloud Agents displayed the incorrect number of inactive Cloud Agents. |
| Report Download | Cloud Agent | In the Cloud Agent UI, downloading the datalist report in PDF format took more time. We fixed this issue by implementing the asset count limit of 2000 for PDF reports. |
| Reporting | CSAM | We fixed an issue where there was a discrepancy in the last scan date of active scanners on the Vulnerability Management and CSAM application user interface. |
| Purging | CSAM | We fixed an issue where purged MS Defender assets were displayed on the UI, as it was being reported by MS Defender as well as Qualys passive sensors. |
| Purging | CSAM | We fixed an issue where the asset count submitted for purging and the asset count displayed in the purge report were inconsistent. |
| Alert Notification | CM | We fixed an issue where the users who were removed from the account were displayed while configuring the alert notification settings. |
| Qualys Scheduling Service | WAS API | We fixed an issue where the Schedule API was not working when the Qualys Scheduling Service was enabled in the user environment. Impacted API: [POST] /qps/rest/3.0/create/was/wasscanschedule |
| Binary Download API | Cloud Agent API | We fixed an issue where the Cloud Agent Binary Download API returned an error when downloading the AWS Bottlerocket binaries. Impacted API: [POST] /qps/rest/1.0/download/ca/downloadbinary |