Hello Qualys Community,
I'm still very new at using Qualys VM, and I was just wondering if Qualys can scan the whole network looking for a specific vulnerability.
For example, with the heartbleed vulnerability, without knowing what servers are running on our network, can I use qualys VM to scan the whole network to look for any items that have that vulnerability?
Or do I need to first do an inventory and make asset groups before I can for a specific port against those?
I was able to create a map of our network (with some assistance from a colleague), but it looks like I would still need to identify and then add those to an asset? Also, scanning an object for a specific vulnerability requires that object to have a license right?
Since I didn't know how or if qualys was capable of searching for anything on the network with the heartbleed vulnerability, I ended up using nmap to search our network for it.
thanks for any help