AnsweredAssumed Answered

Report for Top 10 Misconfigurations

Question asked by sec_ois on Jul 15, 2013
Latest reply on Jul 17, 2013 by sec_ois

Good Afternoon,


I am new to Qualys and have been spending the past week on the Qualys site learning and absorbing as much as I can.


We recently generated a scan that served its purpose in identifying vulnerable items in our systems.


During a meeting I was asked to identify the Top 10 Mis-configuration Mistakes for our systems after identifying some clients where the adminsitrator account may not expire or windows accounts with unchanged passwords.


A couple of questions...


Will such configuration mistakes be listed only as vulnerabilities? Is there a way to distinguish them?


Any assistance would be much appreciated even if it is to point me in the right direction.


If possible I am also interested in identifying the # of clients affected and their computer names.