Release 2.2.0
February 21, 2025
What's New?
Get Your 2024 Wrapped Video Insights in a Downloadable PDF Report
We previously released a 2024 Wrapped Video, highlighting your risk reduction journey throughout the year. Now, the video comes with a downloadable PDF report enhancement for easy sharing and reference. The download option is available at the end of the video.
If you missed the video, it’s available in the top menu of your VMDR subscription.
The video will no longer be available after March 31st, 2025. Be sure to download your copy before this date.
TruRisk Mitigation Now Integrated for Enhanced Risk Management
TruRisk Mitigation is now integrated to strengthen risk management capabilities. As part of this enhancement, the mitigation and remediation counts on the Vulnerabilities Details page—previously accessible only to a limited set of VMDR users—are now available to all users, regardless of their Patch Management or TruRisk Mitigate™ subscription.
This enhancement provides greater visibility into vulnerability remediation strategies, empowering teams to proactively address CISA Known Exploited Vulnerabilities (KEVs). Qualys customers have successfully eliminated 160M CISA KEV vulnerabilities using Qualys Patch Management.
This enhancement applies solely to vulnerabilities identified by Cloud Agents.
TruRisk Mitigation and Remediation: Know the Difference
The vulnerability results matching the new QQL token now display two additional icons: one for Mitigation and one for Remediation, each showing their respective vulnerability counts.
- Mitigation: When a vulnerability cannot be patched, choose the Mitigation option to apply compensating controls that reduce risk exposure.
- Remediation: To remediate a vulnerability, choose the Remediation option and apply the required patch or fix.
This approach ensures that vulnerabilities are addressed directly or their associated risks are minimized.
To address CISA's Known Exploited Vulnerabilities (KEVs) and ransomware threats, an active TruRisk Eliminate™ subscription is necessary. For more details, read our blog or contact your Technical Account Manager (TAM).
New Token
To view vulnerabilities that are mitigable, use this token.
| Token | Description |
| vulnerabilities.qualysMitigable |
Use the values true | false to indicate whether Qualys can mitigate a detected vulnerability. Example Show findings with vulnerabilities that can be mitigated
This QQL query depends on other modules. To use it, ensure you have the following versions or higher: |