• Dashboards and Reporting Resources - Start Here

    Welcome to Dashboards and Reporting   Welcome to our Dashboards and Reporting space.  Here we will begin to collaboratively and constructively collect relevant legacy ...
    last modified by DMFezzaReed
  • SSL Server Test-Weak Ciphers

    Below is the CipherSuite which is configured on Apache-SSL.conf, When I am running SSL Server Test we are getting the result as we are using weak ciphers. Can someone please help how to disable the weak cipheres, ...
    Teja Mannava
    last modified by Teja Mannava
  • SCA Policies

    On SCA, for each technology there are Level 1, Level 2 and Level 1 + 2 policies. What are the differences between those? On which scan should I use them? Also, all of them are marked as "Scored", what does it me...
    Adrian Prieto
    last modified by Adrian Prieto
  • Product Feature Requests

    What is a Feature Request? A Feature Request is any suggestion for an enhancement to Qualys software. Feature Requests are not a contractual obligation for Qualys to develop the suggestion or to develop the request as...
    last modified by Robert Dell'Immagine
  • Transfer from Policy Compliance module to Security Configuration Assessment module

    I would like to ask for an advice. In case we go from Policy Compliance (PC) module to Secure Configuration Assessment (SCA) module, can we use existing edited CIS policies from Policy Compliance? Export them and...
  • SCA scan logs

    Hi there i would appreciate if somebody can indicate where i can get the logs with a SCA scan on Solaris 11. No qualys agent is installed.   thank you. Thewie.
    Thewie Eksteen
    created by Thewie Eksteen
  • End of Life(EOL) or End of Support(EOS) of sofware/Product

    Does qualys also provides information about the software/Product identified has reached its End of support (EOS) or End of life(EOL)? I know it basically  reports the outdated and vulnerable software/components/p...
    VA icon
    last modified by VA icon
  • SCA scan on Solaris 11

    Need commands to run an SCA scan on Solaris 11 server, any help will be appreciated. No Cloud Agent is installed.
    Thewie Eksteen
    last modified by Thewie Eksteen
  • Why the Grade is capped down to B from A+ when weak ciphers are removed?

    Initially, when tested with ssllabs, overall rating was given A+. Under Cipher suites it showed all the ciphers with CBC and TLS_RSA as weak. I know that these are considered weak. # TLS 1.2 (suites in server-preferre...
    Meshach M
    last modified by Meshach M
  • DoD Root CA 3 Not in trust store

    Why is SSLLabs failing on my site with this error:   DoD Root CA 3   Not in trust store. It's saying my server certificate is not trusted and our ISP is threatening to shut it down due to this status. ...
    Dan Wegrzyniak
    last modified by Dan Wegrzyniak
  • Qualys Cloud Suite Password Parameters and Defaults in Release 8.16

    Qualys Cloud Platform Release 8.16 includes New Password Security Options   We’ve added several new password security options to enforce a strong password policy when logging into your Qualys subscript...
    last modified by DMFezzaReed
  • Google Chrome vulnerability

    Hi All, In our environment some of devices do not have google chrome installed still it is showing vulnerable to chrome for different previous version. I have checked system installation and user profiles and registry...
    Arun Kumar
    last modified by Arun Kumar
  • CIS benchmarks L1, Server 2016 Member on firewall settings

    Hi,  We seem to have an issue with one of the CIS benchmarks around Server 2016 and the firewall settings. I'm not sure if we are missing something due to a mixed message between the Group Policy wording, Regist...
  • Keeping Root's Bash History File with Qualys Authenticated Scanning

    Many InfoSec teams who use Qualys Authenticated (Trusted) Scanning on *nix targets get complaints from the *nix platform admins about "filling up root's history file". This article describes some of the implications o...
    Martin Walker
    last modified by Brian Canaday
  • Qualys Authenticated Scanning for Network Devices

    Need help in setting up Authenticated Records for Network devices such as Router, Switches, Firewalls and VMware ESXI appliances. Do they require a Service account with Admin privileges as well? Kindly assist
    Harini Srigiri
    last modified by Harini Srigiri