• Compliance Regulations and Qualys Policies

    This document captures details on why it may be necessary for certain controls need to be revoked in the production environment; and how customers can still continue to adhere to required compliance regulations.  ...
    Pronamika Abraham
    last modified by Pronamika Abraham
  • Exchange Server 2016

    Does Exchange Server 2016 need a SMB version when setting up the Windows Record?  This is the only setting I haven't Tried.   Im having issues achieving Authentication with the Servers that have Exchan...
    Ben Trevino
    last modified by Ben Trevino
  • Custom WMI Query

    I'm pretty terrible at getting these custom WMI queries figured out, but luckily there's a community that I can ask.   A bit of backstory in case someone has a better solution/suggestion. We use the CIS policies...
    Adam Browning
    last modified by Adam Browning
  • MS Office 2013 & Qualys Detection of Installed Patches

    Hello All,    We are currently experiencing an issue with a Qualys scan results which is looking Office version at HKLM\SOFTWARE\Wow6432Node\Microsoft\Office\15.0\Common\ProductVersion LastProduct as 1...
    Muthukumar Vaidhianathan
    last modified by Muthukumar Vaidhianathan
  • QID:78030 solution required

    #QID:78030 solution required.
    Velu Rajendran
    last modified by Velu Rajendran
  • Can we scan a server to determine sensitive data?

    Can we use Qualys to conduct periodic scans of server machines to determine whether sensitive data (i.e., personally identifiable information, health, credit card, and classified information) is present on the system ...
    Zameer Syed
    last modified by Zameer Syed
  • Generating alerts from FIM data

    We are using the Cloud Agents with FIM enabled in our cloud infrastructure as a replacement for AIDE. Is there any way to create alerts based on a set of criteria? We would want either emails to be sent out or possibl...
    Robert Barrow
    last modified by Robert Barrow
  • Compliance Reporting Frameworks

    I'm attempting to build reports on CIS controls. But when I build a report, I have options to add framework templates to the report. The frameworks do not match the policy I've applied to the scans. For example, I'm s...
    Michael elmore
    last modified by Michael elmore
  • Scan Discontinued

    Hi,   I'm experiencing a lot of IP's not being scanned, but reported in the section "Scan Discontinued". Looking into why this is happening, but unable to find any good explanation to why. The resources are not ...
    last modified by evry-hh
  • PCI fail: SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)

    I've been in IT for a while, but I'm fairly new to PCI compliance.   One of the errors my scan is failing  on is: SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)    The server seem...
    Michael Ward
    last modified by Michael Ward
  • Feature Request ? Create policy from host vs only one policy

    Hello,   The "create policy from host" feature in Policy Compliance module automatically embeds ALL the controls for a given technology. What I wish is to filter these controls to get a Policy created from the ...
    stan pichon
    created by stan pichon
  • How do I download a list of individual assets that only includes assets that are in the policy compliance subscription?

    How do I download a list of individual assets that only includes assets that are in the policy compliance subscription? If I go to Host Assets tab under Assets in the PC module I see the correct list (about ...
    Joseph Cates
    last modified by Joseph Cates
  • Creating Windows GPO from a Qualys policy

    Hi,   I can export a policy as a .csv or .xml, however these can't be used to script the creation of a GPO.   It seems the only way is to work through each control manually when creating the GPO in Group P...
    Daniel O'Rorke
    created by Daniel O'Rorke
  • How to force technology detection on PC via Cloud Agent ?

    Hi everyone,   I am facing an issue where Policy Compliance via Cloud Agents does not detect the technology I am trying to assess. I want to test for compliance on JBOSS/WildFly installed on RHEL 7.x   Th...
    stan pichon
    last modified by stan pichon
  • ServiceNow Configuration Compliance Integration

    Does anyone have experience with Qualys integration with ServiceNow Configuration Compliance?  Looking for real world experience, lessons learned, positives/negatives etc. 
    created by adamc
  • ON Prem Solution

    Hi  Is there an on prem appliance?
    hichem Ayed Harhira
    last modified by hichem Ayed Harhira
  • Win Auth & Licensing

    I'm having a show stopper here.... 2 items to pull hair...   1) I am getting "Windows authentication failed for these hosts" in reports in a Compliance Scan.   I set up Windows Authentication once befo...
    Scott Wickham
    last modified by Scott Wickham
  • Report for Vulnerabilties Found and When Last Reported

    Hi, I did not see this report out there and not sure how this would be done.   We have a scan from when we first started and then a current scan.   I can see a host report that shows when the disco...
    Jamie Brown
    last modified by Jamie Brown
  • Qualys Patch Report with Custom time

    Hi Everyone,  I want to run a patch report for compliance reasons. Report has to be monthly report starting from 01 of the month to end of the month.  When I created patch template the time default time wa...
    sam bhat
    created by sam bhat
  • PC scan using cloud agents

    What steps are involved to get policy compliance information from cloud agents? The steps I have taken so far -  1. Ensured we are licensed to use the PC module and enabled for certain hosts. 2. Under PC, have ...
    Salil Chitre
    last modified by Salil Chitre