• Is it possible to forward the scan engine OS security logs to Splunk either by being able to install one of our Splunk agents or sending the logs via Syslog

    Looking to improve overall security monitoring.  We use Virtual Appliances, all are at current configurations.
    Daniel Johnson
    created by Daniel Johnson
  • External Scanning Option Profile (Best Practices)

    We are looking for best practices to create an option profile for external scanning. We have been using the PCI Option profile but it is limited and not user configurable. The external scans will be unauthenticat...
    Jon Rhodes
    last modified by Jon Rhodes
  • HTTP/2 DoS - QID 91566

    Qualys released a new QID last week, QID 91566, for an HTTP/2 Denial of Service vulnerability. It appears this is the latest vulnerability addressed by Microsoft that requires both a patch and a registry key to be dep...
    Jordan Greene
    last modified by Jordan Greene
  • 3rd party outdated library detections

    Hi All,   I'm trying to find out if there is a way we can find out outdated or vulnerable 3rd party library vulns??   Any inputs are much appreciated.   Thanks, Akash.
    Akash Singh
    created by Akash Singh
  • Export limit on the AI module?

    Hello Qualys Community,   I tried downloading a list of assets in the AI module and got a message stating there is a limit of 5,000 records.  Is this a temporary limit?
    Rusty Qualyz
    last modified by Rusty Qualyz
  • Are there any dashboards for the AI module dashboard?

    Are there any pre-built dashboards for the AI module?  Does anyone have any dashboards or widgets they would like to share?  We really want to start using this module to align with a possible ServiceNow impl...
    Rusty Qualyz
    created by Rusty Qualyz
  • Best Practice for Workstation Scanning?

    I'm curious what some of you do for scanning workstations in large environemnts? (ie: >1000 Workstations) Do you scan a sample subset of workstations for vulnerabilities? Do you scan every single PC? I can't seem...
    last modified by kelkin
  • Groovy syntax results for dates

    Good Day !    I am looking to build various tags based on the QID 90924 Microsoft Windows Last Reboot Date and Time However I have not been successful in finding guidance on the groovy syntax.  &...
    Kevin Ryan
    last modified by Kevin Ryan
  • Some problems about Internationalized domain name

    E.g. xn--fiq7iq58bfy3a8bb.xn--fiqs8s Text is "互联网中心.中国".   Title cannot be displayed in reports.   And during analysis, there is a chance to jump to an analysis page that is not the domain name. xn--...
    Junhui Deng
    last modified by Junhui Deng
  • Qualys Authentication

    I have a few windows servers where authentication is not being attempted.     My question is, at what point does Qualys determine if it’s going to authenticate or not?  I’m not even g...
    Carolyn Spengler
    last modified by Carolyn Spengler
  • CMDB Sync & ServiceNow Table Licensing

    My customer would like to use the CMDB Sync application to update the CMDB in ServiceNow. ServiceNow has implemented a new licensing model where it charges extra for custom tables. The customer is worried about the ...
    Kevin Urbanek
    created by Kevin Urbanek
  • PCI fail: SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)

    I've been in IT for a while, but I'm fairly new to PCI compliance.   One of the errors my scan is failing  on is: SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)    The server seem...
    Michael Ward
    last modified by Michael Ward
  • Feature Request ? Create policy from host vs only one policy

    Hello,   The "create policy from host" feature in Policy Compliance module automatically embeds ALL the controls for a given technology. What I wish is to filter these controls to get a Policy created from the ...
    stan pichon
    created by stan pichon
  • Windows Client unable to connect to Windows DB server if weak ciphers are disabled

    Hi Guys,   I have disabled all weak ciphers on a windwos 2012 rserver and has 2016 SQL installed. 1 application on the workstation is connecting to the DB on server. We found out that if this registry key is de...
    Mina Medel
    created by Mina Medel
  • Deprecated SSH Cryptographic settings diffie-hellman-group1-sha1

    Folks,              We have a lot of Cisco Devices running a fairly recent code (Nexus, IOS, Catalyst). Our Qualys network vulnerability scanner is complaining about deprecated...
    Tarun Pahuja
    last modified by Tarun Pahuja
  • Change Severity based on Operating System

    Hello all, I am looking for a way to change the severity of vulnerability based on the operating system.  The use case is for a vulnerability that requires local access to exploit, i.e. Meltdown/Spectre.  A...
    Joseph Miller
    created by Joseph Miller
  • SameSite Cookie Info

    We were looking to see if Qualys WAS could be used to detect what the SameSite cookie attritube is set to for a given web application. There are some checks in place today around whether cookies contain the secur...
    Donal Scollan
    last modified by Donal Scollan
  • Authentication failed ntstatus=22220016

    Trying to figure out what ntstatus=22220016 means.  Anyone seen this before?  I find other status numbers in these forums but not this particular number. 
    Kevin Twingstrom
    last modified by Kevin Twingstrom
  • Key Exchange strength

    I'm trying to understand the grading scheme for Key Exchange strength. I'm currently getting a grade of 90%. My servers have both RSA/4096 and ECC/384 keys on them, using KxECDHE only.   The grading guide, ...
    Ken Schultz
    last modified by Ken Schultz
  • Citrix ADC flaw - no QID yet - CVE-2019-19781

    Hi all, i've raised a ticket #751285 for this urgent flaw in Citrix ADC/Netscaler, for which a mitigating control can be implemented.   Mitigation Steps for CVE-2019-19781    Thanks, Tony
    last modified by Chalky_White