Qualys Cloud Platform 3.0 New Features

This release of the Qualys Cloud Platform version 3.0 includes updates and new features for Vulnerability Management, highlights as follows.

Vulnerability Management

The following features apply to all subscriptions that are currently using the Vulnerability Management Dashboard beta. With this release, the beta label has been removed and this GA version will be rolled out to all subscriptions over the coming weeks. This release also prepares the platform for the VMDR launch.

  • “Exists” Searching supported in Tokens – Search Tokens in the Vulnerability Management Dashboard now support the ability to use wildcards (*) to search for hosts or vulnerability detections that have data, such as vulnerabilities.port:* to find all vulnerabilities that were discovered on any open port.
  • Acceptable Risk Factors (ARF) tokens – Narrow down your vulnerability search query to include only exploitable vulnerabilities with following new search tokens: vulnerabilities.nonExploitableService, vulnerabilities.nonExploitableConfig, and vulnerabilities.nonExploitableKernel. Set these to “false” to filter out vulnerabilities found on non-running kernels, non-running services, and configurations that are not exploitable.
  • Group by RTI in Search and Widgets – Threat Protection subscribers can now group vulnerabilities by Real-time Threat Indicators (RTI) in both Vulnerabilities search and dashboard widgets, allowing you to see all threats that impact vulnerabilities in your search.

The specific day for deployment will differ depending on the platform.  Release Dates will be published on the Qualys Status page when available.

For more details about the above features – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Platform Release Notes page.