007 - Vulnerability Findings

1
Vulnerability findings (for all
assets) can be viewed from the
VULNERABILITIES section of
Qualys VM and VMDR. Near the
top of the page, click
VULNERABILITIES.

2
All detected vulnerabilities are
listed here.

3
You can toggle the view between
Vulnerabilities or their associated
Assets. For now, we'll stick with
vulnerabilities.

Nov 30, 2021 1 of 10

 007 - Vulnerability Findings

4
The total number of detections are
listed at the top of the faceted
search pane.

5
You can quickly and easily filter
vulnerability findings by Severity
Level, Category, Operating System,
Detection Type and more.

Nov 30, 2021 2 of 10

 007 - Vulnerability Findings

6
Let's narrow the scope of this list.
In the "Search" field (near the top)
we'll execute a query to list only
patchable vulnerabilities...

7
...and then execute to see the
results.

8
The result set now displays
patchable vulnerabilities (those
that have a patch in the Qualys
Patch Catalog).

Nov 30, 2021 3 of 10

 007 - Vulnerability Findings

9
To receive patches, hosts must be
running the Qualys Cloud Agent
with the Patch Management
module activated. We'll add these
two requirements to our query.

10
Click the "Add" button.

11
A second "Search" field is added.
We'll now include the "Cloud
Agent Host" condition.

Nov 30, 2021 4 of 10

 007 - Vulnerability Findings

12
The tags.name token set to the
value of 'Cloud Agent' will
include all agent hosts.

13
We'll now add the "Activated
Patch Management Module"
condition.

14
Only agent hosts with the Patch
Management module activated,
will be included. Qualys Patch
Management relies on Qualys
Cloud Agents to provide the
patching response.

Nov 30, 2021 5 of 10

 007 - Vulnerability Findings

15
In its entirety, the query is
looking for patchable
vulnerabilities, discovered on
host running the Qualys Cloud
Agent with the Patch
Management module activated.
We'll execute this query to see
the new result.

16
The result set now lists
vulnerabilities that can be
successfully patched with
Qualys VMDR. Click the check
box at the top of the list (just
below the "Search" fields).

17
With all vulnerabilities selected,
click the "Actions" button...

Nov 30, 2021 6 of 10

 007 - Vulnerability Findings

18
...and select View Missing
Patches.

19
Patching is supported for both
Linux and Windows hosts. For
this example, click the "View
Missing Patches" button for
Linux.

20
You are automatically placed
within the Patch Catalog, of the
Patch Management application
and all patches for the selected
vulnerabilities are now displayed.

Click the check box at the top

(just below the "Search" fields) to
select all patches.

Nov 30, 2021 7 of 10

 007 - Vulnerability Findings

21
With all patches selected, click
the "Actions" button.

22
...and select Add to Existing Job.

23
We'll add the patches to a patch
deployment job that is scheduled
to run daily. Select the check
box for the "Daily Patch
Deployment" job.

Nov 30, 2021 8 of 10

 007 - Vulnerability Findings

24
Click the "Add" button.

25
The selected patches have been
successfully added to the Daily
Patch Deployment job. They will
be deployed the very next time
this job is scheduled to run.

26
This concludes the "Vulnerability
Findings" tutorial. Close this
window and continue to read
through your Lab Tutorial
Supplement.

Nov 30, 2021 9 of 10

 007 - Vulnerability Findings

Scan to go to the interactive player

Nov 30, 2021 10 of 10