• QID: 86847  - Apache Partial HTTP Request Denial of Service Vulnerability

    Hi,   Please help to understand. Mentioned QID is reported as a reference of CVE-2007-6750. In Results I see: QID: 86847 detected on port 443 over TCP - Apache 2.2.3# But I'm running Apache 2.4.29  ...
    Lev Sturmer
    created by Lev Sturmer
  • Dynamic tags based on CVSS Base score ?

    Hi,    We are trying to create a dynamic tags based on CVSS Base score using below query, but its not working as expected.   if(asset.getAssetType()!=Asset.AssetType.HOST) return false; return asset....
    Chandra Sekhar
    created by Chandra Sekhar
  • Change user account Password using powershell

    I am working on a script to change the password of the local Qualys user account using PowerShell and Qualys API. I am able to use a session-based login and logout as well. But API to change the password is not w...
    Vijayaragavan Subbaraj
    last modified by Vijayaragavan Subbaraj
  • Does anyone have a Powershell example of how they use the "Global IT Asset Inventory API"

    Does anyone have a Powershell example of how they use the "Global IT Asset Inventory API"?
    Sam Friday
    last modified by Sam Friday
  • Integration Sophos and Qualys

    Good afternoon, Is  there integration between the manufacturer SOPHOS and Qualys? Thanks.
    Ricardo S
    created by Ricardo S
  • Training material bugaboo?

    I tried going through a new Qualys video and was wondering if anyone else is scratching their heads.   The video "Policy Compliance" offered by Qualys thru Vemo states at the 15:01 minute mark states "Asset tagg...
    Scott Wickham
    last modified by Scott Wickham
  • Vulnerability Scan Consumes All Server Memory

    Hello,   Does anyone have troubleshooting experience with a vulnerability scan maxing out a server's memory? It doesn't appear to be happening during every scan, but occurs frequently. I am not 100% sure that Qu...
    putter101
    last modified by putter101
  • ServiceNow Configuration Compliance Integration

    Does anyone have experience with Qualys integration with ServiceNow Configuration Compliance?  Looking for real world experience, lessons learned, positives/negatives etc. 
    adamc
    created by adamc
  • Compliance Restricted Scanning by Policy

    After running a restricted scan for only specific policy, all the existing reports for other policies returned empty values. Even the Policy Summary drop down didn't listed all the Policies.   Unix hosts were sc...
    Rizwan Bedekar
    last modified by Rizwan Bedekar
  • Asset Group and Adding Bulk of IP address and IP ranges

    Hi All,   Need your help and suggestion for creating bulk of asset group with IP address and IP ranges in Qualys platform using python script. Thanks in Advance!!! 
    Saviour Hack
    last modified by Saviour Hack
  • How to ensure the servers/assets are patched and up to date?

    How to ensure the servers/assets are patched and up to date?On what criteria we can verify it along with vulnerability scans?
    Preethi R
    last modified by Preethi R
  • Authentication Status Failed

    Hola, estoy tratando de hacer un scaneo de vulnerabilidades  y me está mandando error de autentificación,  y antes no me lo mandaba, he hecho varios ejercicios antes y está es la 1ra vez...
    Adalberto Cesar
    last modified by Adalberto Cesar
  • CVS Scores in Knowledgebase DataFeed

    I am looking to import Knowledgebase records into our GRC platform via the Qualys API feed. We are getting a large amount of the information to pull across, however we are not seeing anything being pulled over regardi...
    Brandon Black
    last modified by Brandon Black
  • Why "Last Detection" date of vulnerability is not updated when a new report is generated?

    I ran a new full report but a lot of vulnerabilities did not updated the "last detection" timestamp, but they still appear with an old timestamp, some appears with the actual date. Why is that? How Qualys handle with...
    Guilherme Queiroz
    last modified by Guilherme Queiroz
  • WAF Understanding the basic

    Hi guys,   I m new to Qualys WAF platform, we recently bought licence for Qualys WAF, AM, etc.   I am having some problems understanding Qualys WAF, so , I have installed it on my virtual platform, success...
    tarik B
    last modified by tarik B
  • Qualys Patch Report with Custom time

    Hi Everyone,  I want to run a patch report for compliance reasons. Report has to be monthly report starting from 01 of the month to end of the month.  When I created patch template the time default time wa...
    sam bhat
    created by sam bhat
  • TLS Padding Oracle Vulnerability (Zombie POODLE and GOLDENDOODLE) issue

    Hi,   I got vulnerability "TLS Padding Oracle Vulnerability (Zombie POODLE and GOLDENDOODLE)" ona scan I ran on 25th October 2019   QID: 38764 Category: General remote services CVE ID: CVE-2019-1559 Vendor...
  • UDP/TCP Source Port Pass Firewall Vulnerabilities for Quantum Scalar i6000

    Hello, Please help me to remediate these vulnerabilities:   Vulnerability : TCP Source Port Pass Firewall Solution : Make sure that all your filtering rules are correct and strict enough. If the firewall inten...
    Tarik DAKIR
    last modified by Tarik DAKIR
  • Mac OS X operating system detection

    Why does Qualys favour revealing/presenting the Darwin version number for Mac OS X and not gain access to the likes of 10.12.x or 10.13.x It's confusing my customers who we present the data to Thanks, Tony
    Chalky_White
    last modified by Chalky_White
  • Testing Android x vs. Chrome on Android x

    Seeing Android 7.0 reduced the list of available curves to just prime256v1 I wonder how to test a server for compatibility considering the current client list in SSL Labs. As I understand, „Android 7.0&ldqu...
    Matthias Wächter
    last modified by Matthias Wächter