• Scan Interference after moving to AWS

    We recently moved our webserver to AWS EC2 instance and now when we run a ASV scan, it fails due to QID 42432  Service name: Unknown - Possible Scan Interference on TCP port 443. We have ports 80 and 443 ope...
    Paul M
    created by Paul M
  • Dashboards and Reporting Resources - Start Here

    Welcome to Dashboards and Reporting   Welcome to our Dashboards and Reporting space.  Here we will begin to collaboratively and constructively collect relevant legacy ...
    DMFezzaReed
    last modified by DMFezzaReed
  • Remote Management Service Accepting Unencrypted Credentials Detected

    Dears , Could you support for this ,we are getting the below vulnerability for Cisco routers although the TFTP is not running . what will be the correct solution for it . Title : Remote Management Service Acceptin...
    waeel ahmed
    created by waeel ahmed
  • Policy Compliance of Window Server 2016

    The authentication of Window Server 2016 IP address is passed on VA, but when doing the compliance of the same IP Address and checking the authentication report shows not attempted. Any suggestion on how to resolve th...
    Gohar Naseem
    last modified by Gohar Naseem
  • CVE-2004-0230- TCP Sequence Number Approximation Based Denial of Service.

    This vulnerability (CVE-2004-0230- TCP Sequence Number Approximation Based Denial of Service) is reported on many windows 2008 servers. As per Microsoft, this is a protocol issue and is fixed since 2005 for for IPv4 a...
    Umesh Hande
    last modified by Umesh Hande
  • Product Feature Requests

    What is a Feature Request? A Feature Request is any suggestion for an enhancement to Qualys software. Feature Requests are not a contractual obligation for Qualys to develop the suggestion or to develop the request as...
    DMFezzaReed
    last modified by DMFezzaReed
  • Dashboard Toolbox - VM DASHBOARD: PCI Compliance Vulnerability Exposure Dashboard

    This page contains information to create a PCI Compliance Vulnerability Exposure Dashboard BETA dashboard leveraging data in your Qualys Vulnerability Management subscription.  This dashboard is part of the ...
    Felix Jimenez
    last modified by Felix Jimenez
  • I am getting a vulnerability in my external scan but according to me this can't be true, please suggest what is to be done.

    Threat: An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Pu...
    Puneet Shrivastava
    last modified by Puneet Shrivastava
  • Generating alerts from FIM data

    We are using the Cloud Agents with FIM enabled in our cloud infrastructure as a replacement for AIDE. Is there any way to create alerts based on a set of criteria? We would want either emails to be sent out or possibl...
    Robert Barrow
    last modified by Robert Barrow
  • SSL Certificate - Signature Verification Failed Vulnerability

    In our PCI scan there were many vulnerabilities i.e. self-signed, invalid maximum validity date and etc. So, we created our own root CA in one of our server which is running on Microsoft Windows Server 2012. We are us...
    Hizbullah Watandost
    last modified by Hizbullah Watandost
  • PCI fail: SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)

    I've been in IT for a while, but I'm fairly new to PCI compliance.   One of the errors my scan is failing  on is: SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)    The server seem...
    Michael Ward
    last modified by Michael Ward
  • PC API query for compliance posture is not returning results for the last 2 days

    Hi   We had a working query and out of the sudden, it is not working anymore. And I have no idea what is the problem with it. This for the policy compliance posture.  Original query:   curl -u "Usern...
    Attila Horvath
    last modified by Attila Horvath
  • PCI 4.0 Draft

    The PCI 4.0 draft appears to only be available to certain groups through PCI SSC. As an ASV would Qualys be able to share a draft so that we could see what might be in the next revision?
    Micheal Stephenson
    last modified by Micheal Stephenson
  • Service Accounts Expiry

    Hi   I want to know as we have reset our few Environment's "service account" password's in Qualys and replicated this on AWS But our scans are still failing due to these password changes.   Is there any ot...
    Gaz H
    last modified by Gaz H
  • Qualys picking up previous kernel version?

    Hi A quick question to confirm: I want to know that we have ran scan's based on ALL EC2 instances, when ever we are patching the Environment's whether this is DEV/SIT/TEST etc...   However, once all these been ...
    Gaz H
    last modified by Gaz H
  • External Scans versus Dynamic IP

    Hi,   I'm consulting with a client who is using Qualys to perform external vulnerability scans.  The issue is they have dynamic IP so entering IP for the scans is problematic.     Would inst...
    Eric Beaumier
    last modified by Eric Beaumier
  • Qualys API Call

    Hi   I wanted to know how can we see an "API" instance call made in the background in a test environment, with instance ID etc...How can we see this on Qualys cloud platform console? Is this a possibility, of se...
    Gaz H
    last modified by Gaz H
  • How can i see qualys PCI support???

    I got answer False Positive Comment   False Positive request rejected. Please see Qualys PCI support case#691243. Kindly resubmit false positive request with additional information   how can i see qua...
    YEONGSEOP BYEON
    created by YEONGSEOP BYEON
  • Qualys Cloud Suite Password Parameters and Defaults in Release 8.16

    Qualys Cloud Platform Release 8.16 includes New Password Security Options   We’ve added several new password security options to enforce a strong password policy when logging into your Qualys subscript...
    DMFezzaReed
    last modified by DMFezzaReed
  • Trying to Search QIDs

    I am trying to get to the window where i can search QIDs.  I have a username and pw but it will not let me access the page.   QID 38738
    Kevin Beasley
    last modified by Kevin Beasley