• Controls Not Evaluated For A Host

    Hey all,   Controls are not getting evaluated on an IP of mine despite of adding it to PC module. Please note authentication is also getting passed.   It would be great if anyone can help me regarding t...
    Honey Johny
    last modified by Honey Johny
  • How to identify assets and applications where clear text authentication is enabled?

    I want to know if there is any QID or anything that can help me create a report which lists either assets or applications where clear text authentication is enabled.
    Jose Suarez
    last modified by Jose Suarez
  • Excluding A Control Permanently

    Dears,   Please let me know if there is any way to exclude a control permanently for a control.   eg.Policy A has controls 1,2,3,4 and has IPs a,b,c,d,e Please let me know if there is any way to ex...
    Honey Johny
    last modified by Honey Johny
  • PCI 4.0 Draft

    The PCI 4.0 draft appears to only be available to certain groups through PCI SSC. As an ASV would Qualys be able to share a draft so that we could see what might be in the next revision?
    Micheal Stephenson
    last modified by Micheal Stephenson
  • SCA Policies

    On SCA, for each technology there are Level 1, Level 2 and Level 1 + 2 policies. What are the differences between those? On which scan should I use them? Also, all of them are marked as "Scored", what does it me...
    Adrian Prieto
    last modified by Adrian Prieto
  • How can I configure a TAG to detect host without open ports

    Cómo puedo configurar un TAG para que detecte host sin puertos abiertos En busca de detectar los equipos que no se encuentren activos, busco configurar un TAG que se agregue a los equipos que no detecta ning&u...
    Fernando Orjuela
    last modified by Fernando Orjuela
  • MS SQL Authentication Error 18452 (Policy Compliance)

    I am attempting to authenticate to a SQL database in our environment using AD credentials. We have ensured the account has the necessary permissions to the database however we we attempt authentication we receive an a...
    Brandon Black
    last modified by Brandon Black
  • Website ADA Compliance Checker

    Does Qualys have a ADA Compliance Checker report profile or something that rates how compliant it is with Section 508, the Americans with Disabilities Act (ADA), and the 21st Century Communications and Video...
    Sam Friday
    last modified by Sam Friday
  • Exceptions in PC

    Is it possible to add directories/files in exception for a control (rather than hosts) in Policy Compliance?
    Anvesh T
    last modified by Anvesh T
  • MSSQL Compliance Controls

    Hi,   I have a question around the compliance controls and Microsoft SQL Server.   Our DBAs have noticed that the reports are generating control failures for each database instance when in fact the control...
    noxx
    last modified by noxx
  • Custom WMI Query

    I'm pretty terrible at getting these custom WMI queries figured out, but luckily there's a community that I can ask.   A bit of backstory in case someone has a better solution/suggestion. We use the CIS policies...
    Adam Browning
    last modified by Adam Browning
  • Exchange Server 2016

    Does Exchange Server 2016 need a SMB version when setting up the Windows Record?  This is the only setting I haven't Tried.   Im having issues achieving Authentication with the Servers that have Exchan...
    Ben Trevino
    last modified by Ben Trevino
  • Customize SAQ Send Campaign Template

    Is it possible to customize the text in the campaign message that will be sent to recipients when a new campaign is launched? I've looked through the new template creation, and I've tried to look through all campaign ...
    Micheal Stephenson
    last modified by Micheal Stephenson
  • First detected date for CIDs in PC reports

    Is there a way to get the "First Detect" date of a CID to show up in a PC report, similar to how it will show for QIDs in a vulnerability report?   This column could be useful for prioritization and tracking tre...
    Mark A
    last modified by Mark A
  • Qualys GDPR Question

    Can anyone tell me, does qualys has a template to scan for GDPR controls ? If yes, where can i find the template ?   qualys vm gdpr compliance
  • Feature Requests - Policy Compliance

    1. I wish that in Policy Compliance when searching against a Policy or Control you could select an option to just return the last result detected, instead of every result that every was found.  Last Scan Date and...
    theone2018
    last modified by theone2018
  • SAQ Attachments

    There does not appear to be any way to delete attachments that may have been uploaded in error by a person completing a questionnaire.  Even after all references to a file are removed from the questionnaire, no o...
    Robert Slimmer
    last modified by Robert Slimmer
  • MySQL Authentication for PC

    Hello,   I keep getting an error of the sort:    MySQL authentication was NOT successful on host xxx.xxx.xxx, port xxxx, database xxxxxx, reason: Access denied for user 'QUALYS_SCAN'@'%' to database 'x...
    Ajay Desai
    last modified by Ajay Desai
  • how to check if something went Out of Compliance after a server was put into production?

    in compliance module, is there a way to identify if something went out of compliance after a server was put into production?
    James Lieu
    last modified by James Lieu
  • Tomcat Authentication questions

    Has anyone dealt with tomcat installation directorys   my company has unix and windows servers that have tomcat.   Some machines have different directorys.   does every different directory need to ha...
    Ben Trevino
    created by Ben Trevino