• How to write a Groovy scriptlet for asset tagging

    Read first, important This documents how to create a Groovy scriptlet. I recommend using only if you are confident of all of the following: Understand the load/strain tagging puts on the platform. Understand the cod...
    Parag Baxi
    last modified by Nick Williams
  • Enabling strong cipher suites in Windows Server 2008 R2 and 2012 R2

    Hi All, I have got the above weak cipher suites in the SSL Lab report.   Below the existing cipher suites mapped on the server: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_...
    Srikumar Mohanram
    last modified by Srikumar Mohanram
  • Emergency Qualys Portal Upgrades? 2.44.0.0?

    Hi Friends: I've noticed a flurry of recent activity in Qualys' change controls. On March 10th, I saw [Scheduled] US Platform 2: Qualys Suite PORTAL 2.44.0.0 Release Notification (CMB-65395). Today, March 16th...
    Tef Gardener
    last modified by Tef Gardener
  • Issues with authenticated scans on Windows Servers

    Hello.   We are currently using Qualys Virtual Scanner Appliance and we struggle to get consistent results on part of the scanned Windows Servers.   Setup : authenticated scan, complete vulnerability...
    Rafal Gonzalez
    last modified by Rafal Gonzalez
  • Dashboards and Reporting Resources - Start Here

    Welcome to Dashboards and Reporting   Welcome to our Dashboards and Reporting space.  Here we will begin to collaboratively and constructively collect relevant legacy ...
    DMFezzaReed
    last modified by DMFezzaReed
  • Dashboard Toolbox - New Vulnerability Management (VM) Dashboard BETA

    The New Vulnerability Management (VM) Dashboard BETA program is not intended for production use, and its content is subject to modification without notice.  If you have any questions regarding its conte...
    DMFezzaReed
    last modified by DMFezzaReed
  • Customizing the "Core" Detection Scope

    Some customers have asked how to customize the Core detection scope in WAS (e.g., remove certain QIDs or add others).  Currently the best way to accomplish this is to use "Custom Search Lists" detection scope as ...
    Dave Ferguson
    last modified by Dave Ferguson
  • HSTS not recognized by SSL Labs scan when browsing through WAF

    I'm having a very weird issue. I have a WAF that sits in front of some portals (Citrix Netscalers) that my users use to gain access to their office computers and sits in front of some web servers (IIS and Apache)....
    Joe Gruppuso
    last modified by Joe Gruppuso
  • Export all support case comments

    Greetings: While I know that I can export a list of all of my support cases, is it possible to export all of the case comments within the case itself into a a .csv, .xslx, .xml? /ted
    Tef Gardener
    created by Tef Gardener
  • QID to Indicate Desktop or Server OS?

    Does Qualys have a QID that indicates if an operating system is a server OS or a desktop OS for Windows and *nix, so that you don't have to use regular expressions to determine this information?   Than...
    John Malon
    last modified by John Malon
  • End of Support & End of Life details for the below

    QualysGuard Virtual Scanner Appliance- version 2.4.26-11     Regards, Ravi  
    ravi kiran
    last modified by ravi kiran
  • Dynamic Tagging

    I am starting to use Dynamic tagging and understand the following: IP Address in Range, IP Address in Range + Networks. But I would like to create a tag based on some of the fields used within Qualys. So for an e...
    Richard Neerhout
    last modified by Richard Neerhout
  • Dashboard Toolbox - VM DASHBOARD: Top 10 Vulnerabilities Scorecard v2

    This page contains information to create a Top 10 Vulnerabilities Scorecard v2 dashboard leveraging data in your Qualys Vulnerability Management subscription.    Apr 01, 2020: In preparation for GA rel...
    DMFezzaReed
    last modified by DMFezzaReed
  • Dashboard Toolbox - VM DASHBOARD: QLYS - TTL Closed (FIXED or IGNORED) Scorecard v2

    This page contains information to create a QLYS - TTL Closed (FIXED or IGNORED) Scorecard v2 dashboard leveraging data in your Qualys Vulnerability Management subscription.    Unremediated (or OPEN) equ...
    DMFezzaReed
    last modified by DMFezzaReed
  • Dashboard Toolbox - VM DASHBOARD: Total Unremediated (OPEN) Scorecard v2

    This page contains information to create a Total Unremediated (OPEN) Scorecard BETA dashboard leveraging data in your Qualys Vulnerability Management subscription.    Unremediated (or OPEN) equates to s...
    DMFezzaReed
    last modified by DMFezzaReed
  • Qualys integration with AWS Security Hub

    Introduction Customers can now access Qualys vulnerability and policy compliance findings in the Amazon Web Services (AWS) Security Hub. This will help them prioritize risks and automate remediation using na...
    Hari Srinivasan
    last modified by Santosh Mukkawar
  • MS SQL Authentication Error 18452 (Policy Compliance)

    I am attempting to authenticate to a SQL database in our environment using AD credentials. We have ensured the account has the necessary permissions to the database however we we attempt authentication we receive an a...
    Brandon Black
    last modified by Brandon Black
  • Is there a way to do dynamic Asset groups for Authentication?

    I'm setting up authentication records and want to be able to have the records tied to devices that are in a dhcp environment.  I see there is an option to add asset groups to the authentication records, but not a...
    Megan Fairchild
    created by Megan Fairchild
  • Pagination problem, limited records

    I would like to ask a question about limitation of records (Global IT Asset Inventory API), I want to list host details for specific fields , with the help of this API documentation : https://www.qualys.com/docs/...
    ZELIANG YAO
    last modified by ZELIANG YAO
  • API: Edit asset group to remove bulk IPs

    I am trying to remove a large number of IP addresses from several asset groups so I would like to use an xml file to feed the list of IP addresses. I have used the command curl -u "username:password" -H "X-Reque...
    Ricardo Gomez
    created by Ricardo Gomez