• Cloud Agent not reporting

    Since the end of January, none of our Cloud Agents have reported back. We have had confirmation that agents are processing and sending data but nothing has updated.   Installed into a Lab with almost no firewall...
    Chris Jones
    last modified by Chris Jones
  • Qualys WAS app for Splunk not showing data

    I am attempting to set up and utilize the Qualys Technology Add-On (TA) for Splunk and the Qualys WAS app for Splunk Enterprise.   I have my heavy forwarder installed with the TA.  The inputs.conf contains ...
    Tim Sheets
    last modified by Tim Sheets
  • Dashboard Toolbox - New Vulnerability Management (VM) Dashboard BETA

    The New Vulnerability Management (VM) Dashboard BETA program is not intended for production use, and its content is subject to modification without notice.  If you have any questions regarding its conte...
    last modified by DMFezzaReed
  • Can handshake simulations include libwww-perl?

    We receive calls from libwww-perl (6.05) and the callers report that there are issues with our site from time to time.  We consistently show a grade of A with no issues for all browsers.
    Paul Nacamuli
    last modified by Paul Nacamuli
  • Setting up a Virtual Scanner

    For any internal Maps and Scans you’d like to perform (not needed for external), the Qualys Virtual Scanner User Guide and the Qualys Virtual Scanner Appliance reference provide details on the Vir...
    Scott Suhy
    last modified by Robert Dell'Immagine
  • Multifactor Authentication via Microsoft AD to Qualys

    Hi all, Just trying to compile a correct question and target the right crowd here so please send me your thought and feedback. Okey here is questions: How many AD groups do we need for integration of Microsoft AD t...
    Vida Ai
    last modified by Vida Ai
  • Does qualys reports java vulnerabilities even if only traces of java found in machine instead of installing java software?

    We have user who doesn't installed Java  but they has traces of Java like documentation,certifications,plugins in the machine. But Qualys has detected the machine as vulnerable to many Java vulnerabilities and al...
    Preethi R
    last modified by Preethi R
  • API Gateway - Application API Docs (Swagger)

    Module Version API Gateway Documentation FIM 1 https://gateway.qg1.apps.qualys.com/apidocs/fim/v1   FIM 2 https://gateway.qg1.apps.qualys.com/apidocs/fim/v2 ITAM/AI 1 https://gateway.qg1.apps.qualys.com/apid...
    Laura Seletos
    last modified by Laura Seletos
  • LogRhythm and Qualys integration

    Hi. I want to Intergrate LogRhythm and Qualys. Can some help on how to do it. I got the documentation of the integration already. All I need now is what to do on the actual integration. A video knowledge base would he...
    Chester Chirenje
    last modified by Chester Chirenje
  • Qualys - Splunk integration - macro not found

    Hi All,   We have Splunk QA and Splunk prod in cluster mode. On QA evrything is running as expected, data is populated and dashboards with info is displayed properly. However the same settings are transferred to...
    Ivelin Penchev
    last modified by Ivelin Penchev
  • Regarding RFC 7627 on Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension will become a mandatory TLS extension

    Does Qualys SSL Server test will make this "extended Master secret" TLS extension mandatory to get A+ grade?
    Sajeev S
    last modified by Sajeev S
  • VMDR: Limited Patch Detection

    Hi, I can't see any documentation of the limited patch detection of the VMDR, how it differs on the Patch Management module. What are the functional that LPD only has on the PM module. Thank you
    Ryan Mark Yecyec
    created by Ryan Mark Yecyec
  • Grouping machines based upon loggedonuser

    We have information from our Email Security Solution on the users that are most often targeted by email threats.  We'd like to use this list of highly targeted users and identify the computers on which they work ...
    Andrew Wild
    created by Andrew Wild
  • WAS multiple targets - scan until completion

    I am looking for suggestion or workflow idea as I seem to be struggling to run multiple site scan.   I schedule scan of 3 Web applications (progressive, 10 daily occurrences, scan window 22-8). I want to make su...
    Tom S
    last modified by Tom S
  • Detect default credentials on web management for network/system devices

    I would like to check if any web interfaces for network/system devices (servers, routers, switches, printers) are using default vendor passwords ?   In VM module, we can run brute-force, but that doesn't check w...
    ukki ikku
    created by ukki ikku
  • Vulnerability Management - reporting N-1 / N-2?

    Is it possible to run a vulnerability management report but ignore the most recent patches if we're running N-1 for instance?
    Simon Cooper
    last modified by Simon Cooper
  • External port scan - Port info only required

    Hi All,   I have a requirement to externally scan a public IP range and require simply the open TCP/UDP ports that are shown. I have seen that you can select a Full TCP/UDP Scan in the interface but this also pe...
    Chris Bott
    last modified by Chris Bott
  • OpenSSL Padding Oracle vulnerability (CVE-2016-2107)

    Hi there,   I have a test server running Centos 6.8 and can't overcome this message:  This server is vulnerable to the OpenSSL Padding Oracle vulnerability (CVE-2016-2107) and insecure. Grade set...
    william harvey
    last modified by william harvey
  • Microsoft Security Patches and File Versions Vulnerabilities

    Hi All,   We've been chasing out tails with a few detected vulnerabilities lately. The basic pattern is...Qualys detects that a patch is missing. The result for this is that file X.Y is a particular version, and...
    Dan Salt
    last modified by Dan Salt
  • Asset showing wrong IP

    Hi Forum buddies,   Situation File Server (Virtual, Windows 2012 R2 Core) with 3 IP addresses - PROD (IP, Mask, GW, DNS) STORAGE (IP and MASK Only) BACKUP (IP and MASK Only). Binding order is PROD, Storage, Bac...
    Chris Jones
    last modified by Chris Jones