When will the policy compliance module be available to those who have only agents deployed? I was told at this point you must have an appliance onsite to use that module.
"Platform" controls, like CIS benchmark, are supported for QAgent today. We are using them for Windows & Linux Servers, and Windows Workstations.
"Application" controls are not currently supported for QAgent (eg: Google Chrome policy). This is unfortunate because Windows Workstations are the most likely to have applications installed, but are also the most likely to be DHCP/transient hosts, which don't seem to work well with Qualys Network scanning.
For VM scanning there is currently no Hybrid scan where a QAgent scan will also trigger the remote/port "on-demand" scans from the Network scanner. Likewise PC Network scans also don't work well for assets which change IPs, are not always powered on, or are always on-network.
Additionally, there is no "KnowledgeBase" for Policy Compliance controls which documents which scan method is supported per control.
There seems to be occasional churn around Control implementation which breaks/fixes/breaks functionality (despite implementing "standard" policies which provide implementation, like CIS). For those using Qualys Policy compliance, do you feel this feature is very mature?
Retrieving data ...