This document captures details on why it may be necessary for certain controls need to be revoked in the production environment; and how customers can still continue to adhere to required compliance regulations. ... PCI Compliance Qualys PCI Compliance (PCI) enables merchants and Member Service Providers to promptly complete the PCI self-assessment questionnaire, conduct network and web application security scans to efficiently i... Security Assessment Questionnaire Qualys Security Assessment Questionnaire simplifies assessment of internal IT assets and vendor risk. It assesses business risk with automated campaigns and efficiently collects and a... If you have recently created and linked a new Qualys PCI subscription to your Qualys Vulnerability Management account and are finding that when you try to add IPs to the PCI subscription you are receiving an error sta... The Qualys Vulnerability Signatures team has identified a vulnerability that should be reported as a PCI Fail according to the most recent release of the PCI Standards. The PCI Council requires that any new failing vu... Using Qualys Policy Compliance to Scan Docker The Qualys Policy Compliance module is able to be used to scan Docker technology. The requirements to scan Docker are: The system(s) running docker must be regis... The Qualys Policy Compliance scan runs through 4 principal phases: determine if the target is responsive (i.e. "alive"); there is little point in spending time on a target that is not reachable over the network or ev... This document shows how to run a remote test on a windows host to check if the WMI is configured correctly so the scan is able to access the WMI information during the scan.