Policy Audit Release 1.3

August 26, 2025

Implementation of QQL Token Standardization

We have now implemented Qualys Query Language (QQL) token standardization across all Qualys applications. As part of this enhancement, both common and Policy Audit specific tokens are updated with new token names that follow a standard consistent nomenclature.

The new token format follows the syntax: entity.attribute

For example, in the new token, control.criticality, control is the entity, and criticality is the attribute.

Key Enhancements:

Standardized Token Naming: The control and assets tokens now follow the standardized naming convention. The tokens common to all Qualys applications have also been updated.
Search Bar Updates: Only the new tokens are displayed in the auto-suggestion in the search bars within the UI. However, if you type the old token name manually, the QQL query still works. The old tokens will not be visible in the auto-suggestions on the UI.
Backward Compatibility: The existing Dashboard widgets and Saved Search Queries will continue to support the old tokens in edit mode.
Improved Interoperability: The standardized tokens make it easier to copy and reuse the search query from one application to another, eliminating the need to remember multiple token names for different applications and similar searches.

For the complete list of old and new token mappings, refer to Old and New Token Mappings.

New QQL token displayed with syntax.

View Source for a Host

With this release, we have added a new column Source in the scan authentication report. This column identifies whether the scanned host was a scanner or an agent.

Previously, it was difficult to determine the actual reason from the Cause column alone why the host was not scanned. For example, in the authentication report if the source of the scan was an agent, the cause was displayed as - Host could not be scanned. This did not provide enough clarity. The new Source column resolves this ambiguity.

To view the Source column, navigate to Scans > Authentication > for a particular authentication report, select Details.

Source - Scanner

Scan source column displaying the icon for Scanner.

Source - Agent

Scan source column displaying the icon for Agent.

You can also view the Source column in the downloaded version of the host details. To download a particular authentication report, navigate to Scans > Authentication > for a particular authentication report, select Details > Download. The report is downloaded.

Downloaded scan authentication report with the scan source column.

The Source column can be viewed by all in the latter half of September 2025.

Default Upgrade to Policy Audit - Coming Soon

All users are to be upgraded from Policy Compliance to Policy Audit by default.

With Policy Audit, you can tackle complex audits with continuous monitoring, automated remediation workflows (add-on), and risk-based insights – all in a single platform.

As part of this transition, when you log into your Policy Compliance, you will see a prompt explaining the upgrade to Policy Audit. Whereas, if you are already using Policy Audit, you will see the prompt confirming your upgrade and explaining the benefits of Policy Audit.

For updates on when and how this transition will happen, refer to our blog for updates.

Issues Addressed

The following reported and notable customer issues are fixed in this release:

Component/Category	Application	Description
PA / PC - New UI	Policy Audit / Policy Compliance	When a user bookmarked a specific page within Policy Audit / Policy Compliance, and later selected the bookmark, it redirected them to the corresponding page in Vulnerability Management (VM). Relevant code changes have been made to fix the issue.
PA / PC - New UI	Policy Audit / Policy Compliance	When the user selected the asset compliance score in any of the created widgets on the Dashboard, an error stating - Invalid QQL specified, please review QQL syntax is displayed. Relevant code changes have been done to fix the issue.