• Vulnerability management

    Is there a way to organize vulnerabilities in order of severity and number of affected assets?  Like in Patch Management where you can see how many assets are missing vs installed?  
  • Strange Patch Management failure message

    Does anyone know what the Patch Management failure "languagedownloadnotavailable" means, please?   Ken
    Kenneth Ord
    created by Kenneth Ord
  • Clients not reporting Patch Management data

    I followed the PM User Guide up to the point where the patch vulnerability data should be reporting to the console, but it is not. I loaded the Cloud Agent on two machines and waited overnight for results, but no agen...
    Peter Crane
    last modified by Peter Crane
  • Integration Sophos and Qualys

    Good afternoon, Is  there integration between the manufacturer SOPHOS and Qualys? Thanks.
    Ricardo S
    created by Ricardo S
  • PM Deployment Job Asset Selection

    When setting up a deployment job it would be nice to be able to select from the list of assets that are missing the patches instead of having to build the list by hand or use a tag.
    Chris Duffy
    last modified by Chris Duffy
  • How can I get Reports to work?

    I'm using a trial (Consultant) version.  I have three test Windows 10 workstations with the cloud agent installed. Vulnerability scan are successfully being run and vulnerabilities are being reported to the conso...
    Peter Crane
    last modified by Peter Crane
  • POC for CVE-2018-16865/CVE-2018-16866 not working

    The System Down POC on the advisory site Security Advisories | Qualys, Inc. is not working. I am a security researcher trying to replicate the vulnerability. However, the POC failed both on Debian 9.6 and Ce...
    Jasper Al
    created by Jasper Al
  • How Can I Remove Duplicate Systems?

    I have a few Virtual Machines I am testing with.  I installed the Cloud Agent on one machine and took a snapshot of it.  The machine was reporting Vulnerability data, Inventory, and Patch Data just fine....
    Peter Crane
    created by Peter Crane
  • Public methods available in Groovy Script for invocation on different objects

    av_tagging groovy
    last modified by DMFezzaReed
  • TLS Padding Oracle Vulnerability (Zombie POODLE and GOLDENDOODLE) issue

    Hi,   I got vulnerability "TLS Padding Oracle Vulnerability (Zombie POODLE and GOLDENDOODLE)" ona scan I ran on 25th October 2019   QID: 38764 Category: General remote services CVE ID: CVE-2019-1559 Vendor...
  • Oracle WebLogic Server Multiple Vulnerabilities (CPUAPR2018) detected by Qualys even after applying the patch

    Hi, we have installed patch for Oracle WebLogic Server Multiple Vulnerabilities (CPUAPR2018) on our server six month back itself and now for Oracle WebLogic Server Multiple Vulnerabilities (CPUAPR2019), we ...
    Preethi R
    last modified by Preethi R
  • PM - Microsoft November Patch Update - no missing / installed patch

    Hi,  We're doing a PM POC.    I can see that November's Security update is available on Patches list, and I have agents running Windows 10 and Windows 2019 that should be patched by the update. Howeve...
    Paulus Tamba
    last modified by Paulus Tamba
  • Git client plugin (CVE-2019-10392)

    We've been alerted to a vulnerability CVE-2019-10392 related to the Jenkins Git client  plugin. There is nothing in the qualys knowledgebase about despite the advisory having been released in September 2019. When...
    Fiona Agu
    last modified by Fiona Agu
  • Product Feature Requests

    What is a Feature Request? A Feature Request is any suggestion for an enhancement to Qualys software. Feature Requests are not a contractual obligation for Qualys to develop the suggestion or to develop the request as...
    last modified by Robert Dell'Immagine
  • PM - 0 missing patches

    Hello! Patch Management has odd behavior. I have installed agent with PM module activated. In PM->Assets I see all my asset with agent. Asstes have status "Scanned", but Missing Patches are zero. I have found th...
    Sergey Akantyev
    last modified by Sergey Akantyev
  • Service Accounts Expiry

    Hi   I want to know as we have reset our few Environment's "service account" password's in Qualys and replicated this on AWS But our scans are still failing due to these password changes.   Is there any ot...
    Gaz H
    last modified by Gaz H
  • Cannot edit scheduled Patch Management job

    Sometimes when I log into Qualys Cloud and view Patch Management Jobs I see that I cannot edit them. There's no indication given as to why this happens. The manual says that On-Demand (run-once) jobs cannot be edited,...
    Kenneth Ord
    last modified by Kenneth Ord
  • Seeking workaround to restore bad grading on SSL

    I have a bad SSL report graded F and really need assistance. Below are summary results of what i gathered after the scan. ______________________________________________________________________________________________...
    Kedesh Pinia
    last modified by Kedesh Pinia
  • Patched vulnerabilities does not dissapear after next scan

    Hi,   We have issue inside of Qualys.   My collegue patched most of the vulnerabilities Qualys found in Linux, but after next scan, the issue is still there. If it was Windows, we know it might be in regis...
    Petr Dol
    last modified by Petr Dol
  • Qualys Cloud Suite and Qualys Cloud Platform Updates shown on QG Portal Not Sync with Version Update News?

    Hi, Anyone know when Qualys portal get updated? I am a customer on  Qualys Guard 3 portal, which currently shows Qualys Cloud Suite version 8.19 and Qualys Cloud Platform 2.38. These versions were last update...
    Joshua Chua
    last modified by Joshua Chua