What color code is used in the Qualys KnowledgeBase to identify QIDs that exhibit predictable results in the presence or absence of authentication?

Thousands of IT organizations across the world use vulnerability scanners to perform unauthenticated scans and find threats within their network. These scans find basic weaknesses and detect issues within operating systems, open network ports, services listening on open ports, and data leaked by services. This gives companies the ability to see their network through the eyes of an attacker. Is performing unauthenticated scans enough?

Unauthenticated vs. Authenticated Scans

Unauthenticated testing alone will not fully simulate targeted attacks on your application or system. Although unauthenticated scans will show weaknesses in your perimeter, they will not show you what an attacker will exploit after breaching your perimeter: weaknesses within your network. Authenticated scans allow vulnerability scanners to use privileged credentials to dig deeper into a network and detect threats related to weak passwords, malware, installed applications, and configuration issues. They are able to simulate what a user of the system can actually do. By finding and fixing internal security holes, you can prevent an attacker who breached your perimeter defenses from moving deeper within your network.

Though authenticated scans are valuable, they require privileged accounts so the scanner can access the network. This can be a cause for concern. What happens to these credentials after they are used, and what happens if they are not stored securely and an attacker gets ahold of them?

The solution is to store privileged account credentials in an on-premises vault, which controls access, changes their passwords regularly, and provides secure, audited access to your vulnerability scanning tool.

Secret Server and Qualys

Secret Server integrates with Qualys to act as a secure vault for the credentials used for authenticated scans. Qualys retrieves credentials from Secret Server and then performs the authenticated scan to detect internal vulnerabilities. Once the scan is complete, Secret Server can automatically change those credentials and ensure they are correct across the network, preventing outside attackers from getting ahold of them.



Soal Qualys (Qualys exam, 6 pages), uploaded by Ikbal Nurmansani.

What color code is used in the Qualys KnowledgeBase to identify QIDs that exhibit predictable results in the presence or absence of authentication?

Blue is the color code that is used inside the Qualys KnowledgeBase to identify QIDs that show predictable results in the absence or presence of authentication.

What are the different types of vulnerability identifiers found in the Qualys KnowledgeBase?

Identification:
Vulnerability Title. Search for a specific vulnerability by entering the title.
Category. Search for vulnerabilities by the category that the vulnerability is assigned to. ...
Vendor. ...
Vendor Reference. ...
Product. ...
List Inclusion. ...
CVE ID. ...
BugTraq ID.

When is a blue key icon associated with a QID in the Qualys KnowledgeBase?

The Authenticated Only search filter lists all the QIDs/vulnerabilities detected by an authenticated scan, with the help of an authentication record. Notice that a vulnerability that requires an authenticated scan is indicated by a blue key icon.

Which display option in a scan report template identifies the data or evidence collected from a host that produces a specific vulnerability finding?

In your scan report template, go to the Filter section and select Custom under Selective Vulnerability Reporting.