• Control ID 2521 showing incomplete data.

    We have about 5% of systems failing Control 2521. It's not the same systems every time we run a report. The "domain", "hostname", "user", and "Groups" are all stand in values for the actual values. All of these a...
    cimel
    last modified by cimel
  • CIS policy for Windows 2012 R2

    Hi,    I can't find anymore CIS policies for Windows 2012 R2 in the PC library. There are only "Not R2".   Is there a way to have one of the policies that are no longer present in the library?   ...
    Max Max
    created by Max Max
  • Linux CIS Baseline Policy Checks without Root Access - Possible?

    I have successfully gotten CIS baseline policy checks working in a portion of our environment. CIS CentOS Linux Benchmarks The scanning engine already had root access - authentication tests worked fine, all is well. I...
    narayana12
    created by narayana12
  • Create a custom policy

    Hi All   I have a situation .I have some server hardening  policies defined and I want to create a custom policy on the same . There are some controls defined in our organizational policy , which matches ...
    Soumik Mondal
    created by Soumik Mondal
  • Remote Management Service Accepting Unencrypted Credentials Detected

    Dears , Could you support for this ,we are getting the below vulnerability for Cisco routers although the TFTP is not running . what will be the correct solution for it . Title : Remote Management Service Acceptin...
    waeel ahmed
    created by waeel ahmed
  • QualysGuard Policy Compliance  Price

    Quel est le prix de QualysGuard Policy Compliance pour 300 devices? -  
    roger kanga
    last modified by roger kanga
  • Policy Compliance of Window Server 2016

    The authentication of Window Server 2016 IP address is passed on VA, but when doing the compliance of the same IP Address and checking the authentication report shows not attempted. Any suggestion on how to resolve th...
    Gohar Naseem
    last modified by Gohar Naseem
  • How to delete users in the Administration module

    I have Administrative access to many of the Qualys modules and need to know how to delete users in this module.   I have been able to add company users to it however I cannot figure out how to delete them. I kno...
    Barbara Reynaud
    last modified by Barbara Reynaud
  • MS SQL Authentication Error 18452 (Policy Compliance)

    I am attempting to authenticate to a SQL database in our environment using AD credentials. We have ensured the account has the necessary permissions to the database however we we attempt authentication we receive an a...
    Brandon Black
    last modified by Brandon Black
  • Custom policy controls not appearing on policy export?

    I created a couple of custom policy controls and added them to a policy -- double checked that they were there.  I did an export of that policy and the custom controls did not appear.  The standard CID contr...
    Dan Shoop
    last modified by Dan Shoop
  • Can a Custom Control check two different files for the same requirement e.g password length?

    We have a 8 character minimum password requirement for SUSE.   Our servers have been configured in at least two different ways to meet this requirement.   In one case we use the Qualys control 6379...
    Dan Shoop
    last modified by Dan Shoop
  • Policy Compliance at a point in time

    Is there a way to get a report of the compliance of a group of servers ( TAG: Windows 2016) for a particular date ( eg 2nd March ) ?   thanks
    charles robbins
    last modified by charles robbins
  • CVE-2004-0230- TCP Sequence Number Approximation Based Denial of Service.

    This vulnerability (CVE-2004-0230- TCP Sequence Number Approximation Based Denial of Service) is reported on many windows 2008 servers. As per Microsoft, this is a protocol issue and is fixed since 2005 for for IPv4 a...
    Umesh Hande
    last modified by Umesh Hande
  • Qualys Control ID / CIS Control Correlation

    Is there a correlation between the Qualys Control ID (ex. 1387) and the CIS Control (2.3.11.7).   Example: CIS Control 2.3.11 2.3.11.7 - (L1) Ensure 'Network security: LAN Manager authentication level' is set t...
    Brad Egloff
    last modified by Brad Egloff
  • Assign UDC Manifest in Bulk

    I had 1,820 cloud agents installed before I created my first User Defined Control (UDC). For newer cloud agent installs, UDC manifest is automatically getting assigned. How can I assign UDC manifest to the older 1,820...
    Nawab Kabir
    last modified by Nawab Kabir
  • PC with windows local auth. record

    Hi, cau you tell me host prerequisites for windows authentication base on local account on non domain 2016 server? Still getting insufficient Privileges and PC reports contain Error Code QPC-005:Function error
    Slavo Hascak
    last modified by Slavo Hascak
  • Golden Ratio or PI results

    Where is there additional documentation on resolving policy compliance tests which details a "golden ratio" or "PI" value result finding?   The provided details do not provide enough context to resolve. These fi...
    adamc
    last modified by adamc
  • Compliance Regulations and Qualys Policies

    This document captures details on why it may be necessary for certain controls need to be revoked in the production environment; and how customers can still continue to adhere to required compliance regulations.  ...
    Pronamika Abraham
    last modified by Pronamika Abraham
  • Exchange Server 2016

    Does Exchange Server 2016 need a SMB version when setting up the Windows Record?  This is the only setting I haven't Tried.   Im having issues achieving Authentication with the Servers that have Exchan...
    Ben Trevino
    last modified by Ben Trevino
  • Custom WMI Query

    I'm pretty terrible at getting these custom WMI queries figured out, but luckily there's a community that I can ask.   A bit of backstory in case someone has a better solution/suggestion. We use the CIS policies...
    Adam Browning
    last modified by Adam Browning