• Custom WMI Query

    I'm pretty terrible at getting these custom WMI queries figured out, but luckily there's a community that I can ask.   A bit of backstory in case someone has a better solution/suggestion. We use the CIS policies...
    Adam Browning
    created by Adam Browning
  • Qualys Integration with Google Cloud Security Command Center

    Introduction Customers can now access Qualys vulnerability findings in the Google Cloud Security Command Center (SCC). This will help them prioritize risks and automate remediation using native services such as&#...
    Hari Srinivasan
    last modified by Sadanand Nerurkar
  • Detecting All Databases in the Enviornment

    Is there a way to detect all databases in the environment. By all, I mean databases using standard as well as non standard ports. I tried using QID 19568 but this does not seems to pick up all the databases. Is there ...
    last modified by kcn
  • Exchange Server 2016

    Does Exchange Server 2016 need a SMB version when setting up the Windows Record?  This is the only setting I haven't Tried.   Im having issues achieving Authentication with the Servers that have Exchan...
    Ben Trevino
    last modified by Ben Trevino
  • Assess Vulnerabilities and Misconfigurations in CICD Pipelines

    Who is this written for?  This document is to provide a flow of how to integrate Qualys Virtual Scanner Appliance into your DevOps pipelines. This is a tool, vendor, and cloud environment agnostic approach that w...
    Sean Nicholson
    last modified by Sean Nicholson
  • Windows Authentication Failure Codes (NTSTATUS)

    We have a bunch of failed Windows Authentications that cannot have the NTSTATUS value placed.  Using Microsoft's list @ [MS-ERREF]: NTSTATUS Values | Microsoft Docs , as well as the responses from threa...
    Matthew Snyder
    last modified by Matthew Snyder
  • First detected date for CIDs in PC reports

    Is there a way to get the "First Detect" date of a CID to show up in a PC report, similar to how it will show for QIDs in a vulnerability report?   This column could be useful for prioritization and tracking tre...
    Mark A
    last modified by Mark A
  • Dashboards and Reporting Resources - Start Here

    Welcome to Dashboards and Reporting   Welcome to our Dashboards and Reporting space.  Here we will begin to collaboratively and constructively collect relevant legacy ...
    last modified by Felix Jimenez
  • Qualys GDPR Question

    Can anyone tell me, does qualys has a template to scan for GDPR controls ? If yes, where can i find the template ?   qualys vm gdpr compliance
  • Feature Requests - Policy Compliance

    1. I wish that in Policy Compliance when searching against a Policy or Control you could select an option to just return the last result detected, instead of every result that every was found.  Last Scan Date and...
    last modified by theone2018
  • Tomcat Setup

    I have read the Tomcat setup help section many times. We have systems that have Tomcat but they all have different installation directories. I am trying to test to see if I made the application records correctly for W...
    Ben Trevino
    created by Ben Trevino
  • MySQL Authentication for PC

    Hello,   I keep getting an error of the sort:    MySQL authentication was NOT successful on host xxx.xxx.xxx, port xxxx, database xxxxxx, reason: Access denied for user 'QUALYS_SCAN'@'%' to database 'x...
    Ajay Desai
    last modified by Ajay Desai
  • Tomcat Authentication questions

    Has anyone dealt with tomcat installation directorys   my company has unix and windows servers that have tomcat.   Some machines have different directorys.   does every different directory need to ha...
    Ben Trevino
    created by Ben Trevino
  • Qualys and BeyondTrust

    hi,    i’m trying to set up auth scan using beyondtrust pbps and has followed the guide. i’m having trouble understanding what’s wrong as the message only says “unable to complete lo...
    Paulus Tamba
    created by Paulus Tamba
  • Asset View - How to query assets policy compliane data?

    I am trying to add an asset view widget for policy compliance related data to a dashboard. E.g. num of total compliance failures for set of assets. Is it possible? how which attributes to use. I see primarily you can ...
    last modified by sandip
  • Meaning of EC Groups information

    While adapting my home-developed TLS server analysis tool to TLS1.3, and comparing it to ssllabs Free SSL Server Test, I found differences in the reporting of the EC and DHE supported groups/curves. My tool uses the ...
    Jesús Diego
    last modified by Jesús Diego
  • Transfer from Policy Compliance module to Security Configuration Assessment module

    I would like to ask for an advice. In case we go from Policy Compliance (PC) module to Secure Configuration Assessment (SCA) module, can we use existing edited CIS policies from Policy Compliance? Export them and...
  • Unable to Delete a User in Qualys

    " Following users cannot be deleted. Please check the reasons below and proceed to make appropriate changes before deleting these users. <UserName>    This user has at least one scan or map in run...
    last modified by cutekido
  • Help Center for Alibaba Cloud

    Welcome Here's where you'll find everything you need to know on using Qualys in securing Alibaba Cloud.   Organizations that deploy workloads in the cloud must expand their security practices to that infrastructu...
    Alex Mandernack
    last modified by Alex Mandernack
  • Help Center for IBM Cloud

    Welcome Here's where you'll find everything you need to know on using Qualys in securing IBM Cloud.   Organizations that deploy workloads in the cloud must expand their security practices to that infrastruct...
    Alex Mandernack
    last modified by Alex Mandernack