Where can I find a list of false positives in Qualys? I searched and it mentioned go to network->vulnerabilities, where?
That is if you put in a false positive in rebuttal to a PCI scan finding. This would be unique to your account, not global to all Qualys subscriptions. I.e., you have a vulnerability noted in a PCI report; however, you have a compensating control that you can provide evidence for.
The information you just copied and pasted clearly outlines how to report on this data for your account.
Your question doesn't make sense. Qualys doesn't "keep" false positives in their database. If a detection is brought up to them as a false positive, they correct said issue. It would be poor form for them to keep items that are known as false positives, as customers would leave en masse for other vendors if this was actually the case. Data accuracy is key to vulnerability management.
Thanks for the explanation. How would I go about finding false positives then?
This site says this:
You can find information about false positives from the Current Vulnerabilities list and from the False Positive Request History list. All approved false positives expire in 90 days from the approval date. Once the false positive is expired, and after running another network scan that detects the vulnerability, submit a new false positive request for the vulnerability.
To search false positive requests for current vulnerabilities, go to Network > Vulnerabilities. Use the filter settings at the top of the page to find all vulnerabilities with associated false positive requests. Select the false positive status that you're interested in: Requested, Rejected, or Expired (was approved but expired after 90 days). The list of current vulnerabilities is dynamically updated to only show vulnerabilities that match your filter settings. (Note the Current Vulnerabilities list does not show false positives that are currently approved.)
Ok thanks, appreciate the time. Will look into this.