How can I perform vulnerability scan or Policy Compliance scan on FTP server to find out vulnerability related to ftp.
If you are talking about vulnerabilities related to ftp, then typically you would perform a vulnerability scan of the target. By default you can including scanning of all QIDs (Qualys Vulnerability Checks) this will include FTP related QIDs as well. Otherwise if you are only interested in FTP related vulnerabilities you can create a search list of only FTP related QIDs and scan your ftp target.
If you are talking about ensuring that FTP services should not be present or properly configured according to security best practices, then you would perform a Policy Compliance scan. By default it will include Control IDs (CIDs) for FTP configuration checks.
Ideally, you'll want to perform both Vulnerability and Policy Compliance scans against your targets.
Below are few resources to help you get started. I would also encourage you to reach out to your Technical Account Manager to help you further.
Hope this helps.
Retrieving data ...