Release 10.30.1
November 12, 2024
What’s New?
Qualys Vulnerability Management (VM)
Scan Report Template Enhancements
Previously, in the scan-based reports, the Fixed filter option was enabled by default while creating the scan report template. You had to manually disable it while editing the scan reports as the Fixed filter option applies only to host-based reports and not scan-based reports.
With this release, the Fixed filter checkbox is disabled by default. If you try to select this filter, an error message is displayed - The status "Fixed" is not applicable for scan-based reports.
We have enhanced user experience by disabling the Fixed filter and showing a clear error message when users attempt to enable it.
Qualys Policy Compliance (PC)
User Interface Enhancements - Inactive Instance Purge
To enhance user experience, we have changed the description displayed in the Inactive Instance Purge Setup window (Policy Compliance > Scan > Setup > Inactive Purge Instance). The new description is concise and explains the action to be performed.
Dashboard Enhancements
We have introduced the following dashboard enhancements to improve data visualization and communication:
Trending
Now, you can configure dashboard widgets to display trend data for up to 90 days. Trending is the analysis of data over a period of time to identify patterns, movements, or changes that indicate a direction or tendency. It helps in understanding how specific metrics or behaviors are evolving, enabling informed decision-making and forecasting.
We have added an option to enable trending while creating or editing a widget. Switch the Trending toggle to view the data trend of the inputs you provide in your query. This toggle is only available for the Count and Ratio function types of the Numerical widget. You can also create a trend data comparison widget using multiple queries. Depending on the various combinations of data lists you choose, you can build different numerical widgets.
The following image shows the Trending toggle:
The following image illustrates how the Trending widget looks:
This feature requires PCUI 1.4.2.
Report Scheduling
You can now share dashboard-based reports via email with specific recipients by creating report schedules based on your preferred timezone and frequency (Daily, Weekly, or Monthly). The reports can be shared in PDF format in either Portrait or Landscape orientation.
This feature supports the following specific widget types:
- Numerical (Count and Ratio function types)
- Bar
- Pie/Donut
This feature requires PCUI 1.4.2 and Unified Dashboard (UD) 1.16.4. If UD 1.16.4 is not available, then the dashboard widgets with trending enabled are shown in the report without any trending data. The widgets display a message: "no data to display."
Issues Addressed
The following issues are fixed with this release:
Component/Category | Application | Description |
VM - Scan UI | Vulnerability Management | When the Manager user was trying to change the maximum duration of scanning per asset, an error stating 'you are not allowed to view this page' was displayed. Relevant code changes have been made to resolve this issue. Users with Manager access can now access and set the maximum duration of scanning for an asset. |
VM - Activity logs | Vulnerability Management | When users edited the default option profile, the modifier's name, date, and time were displayed on the details page. However, activity logs for the default option profiles were not displayed. Relevant code changes have been made to resolve this issue. Activity logs for default option profiles are now generated. |
VM - Authentication Records | Vulnerability Management | When users launched a map scan with vCenter authentication for ESX/ESXi host discovery, all VMware/vCenter authentication records for different networks having multiple IP addresses were sent in the PHP Param XML format. This resulted in errors in mapping the ESX/ESXi hosts with vCenter authentication. Relevant code changes have been made to resolve this issue. For map scans, the Network ID filter is now added when selecting authentication records. This ensures that only the VMware/vCenter authentication records in the same network where the map scan is launched are sent in the PHP Param XML format. |
VM - Scan Based Report | Vulnerability Management | When users were creating a scan based report template, the Fixed checkbox under Vulnerability Filters was selected by default. However, for such reports, the fixed vulnerability status is not applicable. Relevant code changes have been made to fix the issue. The Fixed checkbox is now disabled and a message 'The status Fix is not applicable for scan based reports' is added. |
VM-Host List Detection API | Vulnerability Management | When users were using the parameter 'suppress_duplicated_data_from_csv=1' the data in the columns 'Cloud Provider', 'Cloud Service', and 'Cloud Resource ID' was missing. Relevant code changes have been made to fix the issue. |
VM - Scan Schedule | Vulnerability Management | When the users scheduled a particular scan, it was getting deactivated when the AGMS service was down or was not responding properly at the time at which the scan was scheduled. Relevant code changes have been made to fix the issue. |
VM-Scan Schedule | Vulnerability Management | When users tried to schedule scans, they encountered a scan XML parse error. Even though the scan was not launched successfully, the incorrect message 'Scan Launch Successful' was displayed. The relevant changes were made to the text message in the schedule scan run history. |
VM - Users API | Vulnerability Management | When users encountered an error while executing the Users API endpoint /msp/user.php, the response code was displayed as 200 instead of 400. As per the design, for msp User API requests, the server returns an HTTP 200 status code in the response, irrespective of whether the request succeeded or failed. This is documented in the Qualys API (VM/PC) documentation under Appendix D. |
VM - Scans | Vulnerability Management | When users tried to share PCI scan details from VM to PCI application, the sharing failed. Also, the scan status was displayed as 'Fail'. Relevant code changes have been made to fix this issue. |
PC - Authentication Records | Policy Compliance | When the users tried to create or update the HTTP authentication record by entering the data in the virtual host and realm fields and saving it, they encountered an error. Relevant code changes have been made to fix the issue. |
PC - API | Policy Compliance | When the users were trying to create a MySQL authentication record using the unix_config_file parameter, the authentication record was created successfully, but the Unix Config File field was found empty. Relevant code changes have been made to fix the issue. |
PC - API | Policy Compliance | When users launched a scheduled report through the API endpoint /api/2.0/fo/schedule/report/, the scheduled report was blank. Relevant code changes have been made to fix the issue. |
PC | Policy Compliance | When users generated a policy compliance report, it included technologies/instances that were stale. This was because instance deletion was skipped for stale technologies/instances. Relevant code changes have been made to fix this issue, thereby improving stale technology/instance deletion. |
PC - Policy Editor | Policy Compliance | When the users evaluated a non-SCA control for an SCA asset through the test-control workflow in Policy Editor, the UI was stuck and was not displaying any error message. Relevant code changes have been made to fix the issue. |
PC-Authentication | Policy Compliance | When the users tried to perform scans on the assets, an insufficient privileges error was displayed. Relevant code changes have been made to fix the issue. |
PC | Policy Compliance | When the users updated the expected value and initiated the import/export of policies, the old values were retained instead of using the updated ones. Relevant code change has been done to fix this issue. |
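Because /msp/user.php returns HTTP 200 for both success and error (see the VM - Users API entry above), automation that manages user accounts must decide success from the response body and fail closed on anything it cannot parse. The following is an added example, not Qualys code: the XML shape (a RETURN element with status and number attributes) and the sample bodies are assumptions constructed for illustration, so take the real format from Appendix D.

```python
import xml.etree.ElementTree as ET

# Constructed sample bodies. Element and attribute names are assumptions
# for illustration; the real response format is defined in Appendix D.
SAMPLE_OK = ('<USER_OUTPUT><API name="user.php"/>'
             '<RETURN status="SUCCESS">User created.</RETURN></USER_OUTPUT>')
SAMPLE_ERR = ('<USER_OUTPUT><API name="user.php"/>'
              '<RETURN status="FAILED" number="999">'
              'Invalid value for parameter.</RETURN></USER_OUTPUT>')
SAMPLE_HTML = "<html><body>Service unavailable</body></html>"


class MspApiError(Exception):
    """Raised when a response does not prove that the call succeeded."""


def check_msp_response(http_status, body):
    """Return the server message on success, raise MspApiError otherwise.

    HTTP 200 is necessary but never sufficient for this endpoint.
    """
    if http_status != 200:
        raise MspApiError(f"transport error: HTTP {http_status}")
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        raise MspApiError(f"unparseable body: {exc}") from exc
    ret = root.find(".//RETURN")
    if ret is None:
        # Fail closed: a 200 without a recognisable result is not a success.
        raise MspApiError("no RETURN element in response")
    status = (ret.get("status") or "").upper()
    message = (ret.text or "").strip()
    if status != "SUCCESS":
        raise MspApiError(f"API error {ret.get('number', '?')}: {message}")
    return message


def classify(http_status, body):
    """Convenience wrapper: ('ok', message) or ('error', reason)."""
    try:
        return ("ok", check_msp_response(http_status, body))
    except MspApiError as exc:
        return ("error", str(exc))
```
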