Release 2.14

January 20, 2025

What’s New?

TotalCloud 2.14.0 brings updates to the user interface, resource inventory, controls and more.

Enhanced User Interface (UI 4.0) of the Qualys Cloud Platform  

Introducing the new and improved UI with the following key upgrades: 

  • Enhanced Navigation for a Streamlined User Experience 

  • Refreshed Dashboards 

  • Standardized UI Elements for Seamless Navigation 

  • Reorganized the Communication Tab for Easier Information Management 

See it in Action

Watch this video to explore the new UI and discover the key enhancements designed to improve your experience!

Enhanced Navigation for a Streamlined User Experience

The redesigned navigation menu offers a streamlined layout with a clear distinction between primary, secondary, and tertiary navigation elements, making it easier to access critical features.

Primary Navigation Element

The vertical navigation bar on the left side of your screen offers quick access to modules, keeping your workspace organized. You can hover over this bar to view or hide icon labels as needed.

TotalCloud homepage with UI 4.0

Secondary Navigation Element

The secondary navigation bar displays options horizontally at the top for easy access, with active tabs highlighted in bold for clarity.

TotalCloud Posture tabs with UI 4.0

Refreshed Dashboards

We have improved our dashboards for better accessibility, color scheme, typography, and data interpretation.

These updates ensure easy information consumption for all users.

TotalCloud Dashboard with UI 4.0

Reorganized the Communication Tab for Easier Information Management

The Communication tab has been reorganized for better usability, with clear sections to help you quickly find important information.

Notifications Section – This section focuses on items requiring immediate attention and follow-up.    

TotalCloud notifications with UI 4.0

Messages Section – This section delivers general updates and information from the platform.

TotalCloud messages with UI 4.0

Enhanced UI Rollout Starting January 2025

The enhanced user interface is rolling out in phases starting January 2025. You will receive in-platform notifications and email updates to guide you through the transition. Compatibility is seamless, with no additional setup required.

Learn More

Explore the full details of these updates! Check out our blog for insights.

For more information on the rollout phase, refer to the Frequently Asked Questions.

Platform Name Change Update

We are renaming the Qualys Cloud Platform to the Qualys Enterprise TruRisk Platform. This change highlights Qualys' commitment to empowering CISOs, cybersecurity professionals, and risk stakeholders to effectively measure and mitigate the impact of cyber risk on their organizations. 

The Qualys Enterprise TruRisk Platform is the only cybersecurity and risk management solution that enables you to measure, communicate, and eliminate cyber risk across the extended enterprise with precise remediation and mitigation actions. 

This update does not affect the platform’s functionality or features. Starting in January 2025, the name change will be implemented in phases across all product interfaces. 

For more information, check out this blog.   

Enhanced OCI Dashboard with New Security Widgets

With this release, we have introduced comprehensive dashboard widgets for Oracle Cloud Infrastructure (OCI), providing enhanced visibility into security posture and compliance status.

Failures By Control Criticality - Displays security control failures categorized by severity levels to rapidly identify critical security gaps within OCI environments.

Policy Compliance - Provides a comprehensive view of compliance status across your OCI infrastructure to view compliance with configured security policies.

Resource distribution by type - Visualizes the distribution of different resource types in your OCI environment, providing insights into the OCI infrastructure.

Top 5 accounts by failed controls - Highlights the top five accounts with the highest number of failed controls to prioritize your remediation efforts.

Top 5 failed controls - Identifies the top five most frequently failed controls across your OCI infrastructure to prioritize critical security improvements.

Enhanced Report Data Export Capabilities

With this release, we have significantly improved the CSV data export limits for assessment reports. This update addresses limitations in both the user interface and API endpoints. The previous maximum fetch limit of 10K records for CSV export is now removed, so the download option can retrieve large files with evaluations far exceeding 10K records. If the file size equals or exceeds 100 MB, the report is downloaded as a ZIP file.

You can find this enhancement by navigating to Reports in the TotalCloud app.

  1. Select a report with large files.
  2. Click Run Again from the Quick Actions menu.
    TotalCloud Reports tab
  3. A dialog box is displayed asking for confirmation of download. Click Continue to proceed with the download.
    Report download confirmation dialogue box

Added New Resource to the Cloud Inventory

With this release, we have added support for a new resource in the Azure inventory. The cloud inventory ensures that new resources are assessed against the best global compliance standards supported by Qualys, such as NIST, PCI DSS, HIPAA, and GDPR.

New Resources Introduced

The following resource is newly introduced in the TotalCloud app.

Azure PLSQL Server

This resource includes both Single and Flexible servers of Azure PLSQL Server.

Control Changes

Changes introduced to controls in this release.

Amazon Web Service

New Controls introduced in Amazon Web Service

| CID | Title | Service | Resource |
|-----|-------|---------|----------|
| 540 | Ensure only Root user of the AWS Account should be allowed full access on the CMK | KMS | KMS |

Microsoft Azure

Changes introduced to Microsoft Azure Controls.

New Controls

| CID | Title | Service | Resource |
|-----|-------|---------|----------|
| 50473 | Ensure that Private endpoint should be enabled for MySQL servers | MYSQL_SERVER | MYSQL_SERVER |
| 50474 | Ensure that App Configuration should use private link | APP_CONFIGURATION | APP_CONFIGURATION |
| 50472 | Ensure that Azure Machine Learning workspaces should use private link | MACHINE_LEARNING | MACHINE_LEARNING |

New Controls in "CIS Microsoft Azure Foundation Benchmark Policy"

| CID | Title | Service | Resource |
|-----|-------|---------|----------|
| 50466 | Ensure server parameter 'require_secure_transport' is set to 'ON' for PostgreSQL flexible server | PSQL_SERVER | PSQL_SERVER |
| 50467 | Ensure server parameter 'log_checkpoints' is set to 'ON' for PostgreSQL flexible server | PSQL_SERVER | PSQL_SERVER |
| 50469 | Ensure server parameter 'connection_throttle.enable' is set to 'ON' for PostgreSQL flexible server | PSQL_SERVER | PSQL_SERVER |
| 50475 | Ensure server parameter 'logfiles.retention_days' is greater than 3 days for PostgreSQL flexible server | PSQL_SERVER | PSQL_SERVER |
| 50476 | Ensure 'Allow public access from any Azure service within Azure to this server' for PostgreSQL flexible server is disabled | PSQL_SERVER | PSQL_SERVER |
| 50477 | Ensure server parameter 'require_secure_transport' is set to 'ON' for MySQL flexible server | AZURE_MYSQL_FLEXIBLE_SERVER | AZURE_MYSQL_FLEXIBLE_SERVER |
| 50478 | Ensure that 'Enable Data Access Authentication Mode' is 'Checked' for Disks | DISK | DISK |
| 50479 | Ensure that 'Remote debugging' is set to 'Off' for Web Apps | APP_SERVICE | WEB_APP |
| 50480 | Ensure that 'Remote debugging' is set to 'Off' for Function Apps | APP_SERVICE | FUNCTION_APP |

Controls Migrated from Policies

| CID | Title | Old Policy | New Policy |
|-----|-------|------------|------------|
| 50039 | Ensure Enforce SSL connection is set to ENABLED for MySQL Database Server | CIS Microsoft Azure Foundations Benchmark | Azure Database Service Best Practices Policy |
| 50040 | Ensure Enforce SSL connection is set to ENABLED for PostgreSQL Database Server | CIS Microsoft Azure Foundations Benchmark | Azure Database Service Best Practices Policy |
| 50041 | Ensure server parameter log_checkpoints is set to ON for PostgreSQL Database Server | CIS Microsoft Azure Foundations Benchmark | Azure Database Service Best Practices Policy |
| 50045 | Ensure server parameter log_retention_days is greater than 3 days for PostgreSQL Database Server | CIS Microsoft Azure Foundations Benchmark | Azure Database Service Best Practices Policy |
| 50074 | Ensure server parameter connection_throttling is set to ON for PostgreSQL Database Server | CIS Microsoft Azure Foundations Benchmark | Azure Database Service Best Practices Policy |
| 50117 | Ensure Allow access to Azure services for PostgreSQL Database Server is disabled | CIS Microsoft Azure Foundations Benchmark | Azure Database Service Best Practices Policy |
| 50470 | Ensure that Private Endpoints are Used for Azure Key Vault | CIS Microsoft Azure Foundations Benchmark | Azure Best Practices Policy |
| 50471 | Ensure Private Endpoints are used to access Storage Accounts | CIS Microsoft Azure Foundations Benchmark | Azure Best Practices Policy |
| 50156 | Ensure that public network access is disabled in Managed Disks | Azure Best Practices Policy | CIS Microsoft Azure Foundations Benchmark |
| 50202 | Ensure that FTPS is enforced in API Apps | Azure Best Practices Policy | CIS Microsoft Azure Foundations Benchmark |
| 50089 | Ensure that HTTP Version used for Function app is latest | Azure Function App Best Practices Policy | CIS Microsoft Azure Foundations Benchmark |
| 50146 | Ensure that Function apps enforce FTPS-only access to FTP traffic | Azure Function App Best Practices Policy | CIS Microsoft Azure Foundations Benchmark |
| 50178 | Ensure that public network access is disabled on Azure SQL databases | Azure Database Service Best Practices Policy | CIS Microsoft Azure Foundations Benchmark |

Oracle Cloud Infrastructure

New controls in "Oracle Cloud Infrastructure Best Practices Policy"

| CID | Title | Service | Resource |
|-----|-------|---------|----------|
| 40064 | Ensure Load balancer should not have Public IP | LOAD_BALANCER | LOADBALANCER |
| 40065 | Ensure Load balancer has reserved Public IP | LOAD_BALANCER | LOADBALANCER |
| 40066 | Ensure secret auto rotation should be enabled | VAULT | SECRET |
| 40067 | Ensure secret reuse rule should be configured | VAULT | SECRET |
| 40068 | Ensure secret expiry rule should be configured | VAULT | SECRET |
| 40069 | Ensure secret expiry rule should block use of content retrieval after the reuse | VAULT | SECRET |
| 40070 | Ensure Network security group is used for controlling traffic in load balancer | LOAD_BALANCER | LOADBALANCER |
| 40073 | Ensure OCI Block Storage Block Volume backup policy is enabled | STORAGE | BLOCK_VOLUME_BACKUPS |
| 40074 | Ensure block volume cross region replication is enabled | STORAGE | BLOCK_VOLUME |
| 40075 | Ensure snapshot policy is attached to the file system | STORAGE | FILE_SYSTEM |
| 40078 | Ensure Kubernetes Engine Cluster endpoint is configured with Network Security Group | KUBERNETES | KUBERNETES_CLUSTERS |
| 40080 | Ensure Kubernetes API endpoint should be private | KUBERNETES | KUBERNETES_CLUSTERS |
| 40081 | Ensure Kubernetes version should be latest | KUBERNETES | KUBERNETES_CLUSTERS |
| 40082 | Ensure Container Repository is private | CONTAINER | CONTAINER_REGISTRY |
| 40083 | Ensure Container Registry Readme should not be blank | CONTAINER | CONTAINER_REGISTRY |
| 40084 | Ensure Cloud Advisor is enabled in the root compartment of the tenancy | CLOUD_ADVISOR | CLOUD_ADVISOR |
| 40085 | Ensure Run Log should be enabled for the Connector | CONNECTOR_HUB | CONNECTOR |
| 40086 | Ensure Run log retention period should be more than 90 days | CONNECTOR_HUB | CONNECTOR |
| 40087 | Ensure network security groups is stateless | VCN | SECURITY_GROUP |