• Qualys picking up previous kernel version?

    Hi A quick question to confirm: I want to know that we have ran scan's based on ALL EC2 instances, when ever we are patching the Environment's whether this is DEV/SIT/TEST etc...   However, once all these been ...
    Gaz H
    last modified by Gaz H
  • External Scans versus Dynamic IP

    Hi,   I'm consulting with a client who is using Qualys to perform external vulnerability scans.  The issue is they have dynamic IP so entering IP for the scans is problematic.     Would inst...
    Eric Beaumier
    last modified by Eric Beaumier
  • Qualys API Call

    Hi   I wanted to know how can we see an "API" instance call made in the background in a test environment, with instance ID etc...How can we see this on Qualys cloud platform console? Is this a possibility, of se...
    Gaz H
    last modified by Gaz H
  • Dashboards and Reporting Resources - Start Here

    Welcome to Dashboards and Reporting   Welcome to our Dashboards and Reporting space.  Here we will begin to collaboratively and constructively collect relevant legacy ...
    last modified by Felix Jimenez
  • How can i see qualys PCI support???

    I got answer False Positive Comment   False Positive request rejected. Please see Qualys PCI support case#691243. Kindly resubmit false positive request with additional information   how can i see qua...
    created by YEONGSEOP BYEON
  • Qualys Cloud Suite Password Parameters and Defaults in Release 8.16

    Qualys Cloud Platform Release 8.16 includes New Password Security Options   We’ve added several new password security options to enforce a strong password policy when logging into your Qualys subscript...
    last modified by DMFezzaReed
  • PC API query for compliance posture is not returning results for the last 2 days

    Hi   We had a working query and out of the sudden, it is not working anymore. And I have no idea what is the problem with it. This for the policy compliance posture.  Original query:   curl -u "Usern...
    Attila Horvath
    created by Attila Horvath
  • Trying to Search QIDs

    I am trying to get to the window where i can search QIDs.  I have a username and pw but it will not let me access the page.   QID 38738
    Kevin Beasley
    last modified by Kevin Beasley
  • How to get a PCI Report Certified by Qualys

    What are the steps needed to get a PCI report certified by Qualys?
    Sam Friday
    last modified by Sam Friday
  • Dashboard Toolbox - VM DASHBOARD BETA: PCI Compliance Vulnerability Exposure Dashboard

    This page contains information to create a PCI Compliance Vulnerability Exposure Dashboard BETA dashboard leveraging data in your Qualys Vulnerability Management subscription.  This dashboard is part of the ...
    Felix Jimenez
    last modified by Felix Jimenez
  • SSL Labs Tests for URLs with status codes

    Hi,   In order to run SSL Labs test for a url what http status code is considered, is it only 200 or any other status codes?
    Security User
    created by Security User
  • Generating alerts from FIM data

    We are using the Cloud Agents with FIM enabled in our cloud infrastructure as a replacement for AIDE. Is there any way to create alerts based on a set of criteria? We would want either emails to be sent out or possibl...
    Robert Barrow
    last modified by Robert Barrow
  • Version of Qualys

    Hello, How to find the version of Qualys where only PCI Compliance Module is in use? Thanks.
    peipei jin
    last modified by peipei jin
  • CVE-2004-0230- TCP Sequence Number Approximation Based Denial of Service.

    This vulnerability (CVE-2004-0230- TCP Sequence Number Approximation Based Denial of Service) is reported on many windows 2008 servers. As per Microsoft, this is a protocol issue and is fixed since 2005 for for IPv4 a...
    Umesh Hande
    last modified by Umesh Hande
  • PCI External Network Scan vs PCI Web Application Scan

    I could see below description for both PCI External IP scan vs Web Application Scans    PCI External Network Scans The Network section is where you manage your quarterly external network scans, per PCI ...
    last modified by shanmugammanian
  • Deprecated SSH Cryptographic Settings

    Hello, I have received this message as a vulnerability from one of my servers. But I'd like to know which cryptographies are the ones he says are discontinued.
    Eric Barreto
    last modified by Eric Barreto
  • PCI QIDs Exclusion within the VM Module

    Has anyone been able to exclude PCI QIDs within the VM portion of Qualys to ensure that when you run a Compliance Report that they don't show in those reports? Would be great to know if anyone have achieved this.
    Sanele Mthembu
    last modified by Sanele Mthembu
  • PCI fail: SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)

    I've been in IT for a while, but I'm fairly new to PCI compliance.   One of the errors my scan is failing  on is: SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)    The server seem...
    Michael Ward
    last modified by Michael Ward
  • Number of FAIL in a PCI report

    Is there an easy way to find the number of FAIL's in a PCI Scan Results report?  It doesn't seem like you can add up the number PCI vulnerabilities in the summary.
    Don Goldstein
    last modified by Don Goldstein
  • Sweet 32 PCI Scan vs SSLlabs

    When I scan my website with SSLLabs we are given an A rating.  However, performing a Qualys PCI Scan on our site fails due to Sweet32 vulnerability.   3DES Ciphers are allowed on our site but they are at th...
    John Sulik
    last modified by John Sulik