Scan Report Template Findings

In this tutorial, you'll examine the options within the "Findings" section, of a Scan Report Template. To
get started, click REPORTS at the top of the page.

Jun 21, 2023 1 of 61

 Scan Report Template Findings

Here in the "Reports" section of Qualys VMDR, click the "Templates" tab.

Jun 21, 2023 2 of 61

 Scan Report Template Findings

Here under the "Templates" tab, you can edit, or run a report from an existing template. To create a new
template, click the "New" button (just below the "Reports" tab)...

Jun 21, 2023 3 of 61

 Scan Report Template Findings

... and select the "Scan Template" option.

Jun 21, 2023 4 of 61

 Scan Report Template Findings

A Scan Report Template, allows you to distribute vulnerability scan results and findings to operational
and remediation teams within your organization. We'll provide a Title for this template.

Jun 21, 2023 5 of 61

 Scan Report Template Findings

To make this template available to other Qualys users, click the check box to "Make this a globally
available template."

Jun 21, 2023 6 of 61

 Scan Report Template Findings

Click "Findings," in the navigation pane (on the left).

Jun 21, 2023 7 of 61

 Scan Report Template Findings

The options at the top of the "Findings" section, specify the type of data to be included in this report.

Jun 21, 2023 8 of 61

 Scan Report Template Findings

Host-based findings encompass the "unpurged" scan history, for all assets in your account, while Scan-
based findings are comprised of your account's individual scan results (those you would normally find
under the "Scans" tab).

Jun 21, 2023 9 of 61

 Scan Report Template Findings

Jun 21, 2023 10 of 61

 Scan Report Template Findings

We'll demonstrate both types of data in this tutorial, starting with Host-based findings. Only host-based
findings provide the option to include trending. Just below the "Host-based Findings" radio button, click
the check box to "Include trending."

Jun 21, 2023 11 of 61

 Scan Report Template Findings

Jun 21, 2023 12 of 61

 Scan Report Template Findings

Just right of the "Include trending" check box, click the "Select time frame" link.

Jun 21, 2023 13 of 61

 Scan Report Template Findings

For best results, Qualys recommends a trending time frame of 90-days or less. You can also customize
the trending time frame for specific date ranges.

Jun 21, 2023 14 of 61

 Scan Report Template Findings

With trending enabled for 90-days, let's choose the host targets for this report. Targets can comprise of
Asset Groups, IP addresses, or Asset Tags,

Jun 21, 2023 15 of 61

 Scan Report Template Findings

For this example, click the "Add Tag" link...

Jun 21, 2023 16 of 61

 Scan Report Template Findings

... and select the "Type: Domain Controller" tag (at the top of the "Favorite Tags" list).

Jun 21, 2023 17 of 61

 Scan Report Template Findings

This report is now configured to target Windows Domain Controllers, and will use host-based findings
with trending enabled. Click the "Test" button (bottom right-corner).

Jun 21, 2023 18 of 61

 Scan Report Template Findings

A scan report with host-based vulnerability findings, has been successfully created for Domain
Controllers. We'll scroll down to view the Detailed Results.

Jun 21, 2023 19 of 61

 Scan Report Template Findings

Along with the Asset Tags assigned to this host, its TruRisk Score and Asset Criticality Score are
provided.

Jun 21, 2023 20 of 61

 Scan Report Template Findings

Host-based findings are comprised of all "unpurged" scan results for all assets in your account.

Jun 21, 2023 21 of 61

 Scan Report Template Findings

This provides the advantage of viewing each vulnerability's present status. All of these are "Active,"
meaning they have been detected more than once on the same host.

Jun 21, 2023 22 of 61

 Scan Report Template Findings

Click to expand the confirmed vulnerability at the top of the list.

Jun 21, 2023 23 of 61

 Scan Report Template Findings

With host-based findings driving this report, the "First Detected" and "Last Detected" dates are provided
for each vulnerability.

Jun 21, 2023 24 of 61

 Scan Report Template Findings

In an upcoming lab tutorial, you'll learn to configure "Display" options to provide specific vulnerability
details. We'll now return to the template, to take a look at the "Scan-based Findings" option.

Jun 21, 2023 25 of 61

 Scan Report Template Findings

In the top-left corner of this report, click the "File" button...

Jun 21, 2023 26 of 61

 Scan Report Template Findings

... and select Close.

Jun 21, 2023 27 of 61

 Scan Report Template Findings

Let's see how this template behaves, when we switch to Scan-based Findings.

Jun 21, 2023 28 of 61

 Scan Report Template Findings

Select the "Scan Based Findings" radio button.

Jun 21, 2023 29 of 61

 Scan Report Template Findings

Notice that the options to Choose Host Targets, has been removed. The host IPs for all scan-based
findings, are contained within the individual scan results, which you will select in just a moment. Click
the "Test" button (bottom-right).

Jun 21, 2023 30 of 61

 Scan Report Template Findings

Jun 21, 2023 31 of 61

 Scan Report Template Findings

Reports that use scan-based findings, require a Qualys user to manually select the desired scan results,
at the time of report creation. These are the same scan results found under the scans tab.

Jun 21, 2023 32 of 61

 Scan Report Template Findings

Notice that each scan result comes with its own list of host IP addresses; therefore, no need to specify
these targets back in the template.

Jun 21, 2023 33 of 61

 Scan Report Template Findings

A useful scan-based findings feature, allows you to single-out one or more IPs, when the report is
created. This is helpful when troubleshooting or analyzing host anomalies.

Jun 21, 2023 34 of 61

 Scan Report Template Findings

We'll select a scan and specify an IP address for you.

Jun 21, 2023 35 of 61

 Scan Report Template Findings

With a scan and IP address selected, click the "Run" button.

Jun 21, 2023 36 of 61

 Scan Report Template Findings

A report with scan-based findings has been successfully created. We'll scroll down to view the Detailed
Results.

Jun 21, 2023 37 of 61

 Scan Report Template Findings

While scan-based findings include all of the vulnerability detections encountered during a scan...

Jun 21, 2023 38 of 61

 Scan Report Template Findings

... without history data, this report cannot display the present status of each vulnerability; each report
represents an isolated "snapshot" in time.

Jun 21, 2023 39 of 61

 Scan Report Template Findings

Click to expand the details for this confirmed vulnerability.

Jun 21, 2023 40 of 61

 Scan Report Template Findings

While vulnerability details are available for this scan instance or snapshot, without vulnerability history
data, the "First Detected" and "Last Detected" dates are unavailable. We'll scroll down to view more
results for this host.

Jun 21, 2023 41 of 61

 Scan Report Template Findings

Jun 21, 2023 42 of 61

 Scan Report Template Findings

Because scan-based findings are useful for troubleshooting or analyzing anomalies, the "Information
Gathered" data in this report provides an abundance of scan details and statistics.

Jun 21, 2023 43 of 61

 Scan Report Template Findings

Click to expand the "Information Gathered" results in this report.

Jun 21, 2023 44 of 61

 Scan Report Template Findings

Hundreds of "Information Gathered" QIDs provide everything from authentication results, to individual
host scan times. The QIDs in this section can be converted into Widgets that monitor asset health
within your account.

Jun 21, 2023 45 of 61

 Scan Report Template Findings

Jun 21, 2023 46 of 61

 Scan Report Template Findings

In the upper-left corner of the report. click the "File" button...

Jun 21, 2023 47 of 61

 Scan Report Template Findings

... and select Close.

Jun 21, 2023 48 of 61

 Scan Report Template Findings

Remember, Scan-based Findings get host targets from the scan results you manually select at report
runtime; and therefore, are not required in the template, when the "Scan-based Findings" radio button is
selected.

Jun 21, 2023 49 of 61

 Scan Report Template Findings

Jun 21, 2023 50 of 61

 Scan Report Template Findings

Scan-based findings are commonly used for troubleshooting or analyzing scan performance. Reports
that use scan-based findings, do not provide vulnerability status or history information.

Jun 21, 2023 51 of 61

 Scan Report Template Findings

Click to select the "Host Based Findings" radio button.

Jun 21, 2023 52 of 61

 Scan Report Template Findings

The host-based findings option requires you to choose the host targets for a report, using Asset
Groups, IP addresses, or Asset Tags.

Jun 21, 2023 53 of 61

 Scan Report Template Findings

The host-based findings option is a requirement, if you want to include trending in your report. For best
results, Qualys recommends a trending time frame of 90-days.

Jun 21, 2023 54 of 61

 Scan Report Template Findings

Host-based findings have the advantage of providing vulnerability status and history information, which
makes it a recommended option for creating vulnerability reports.

Jun 21, 2023 55 of 61

 Scan Report Template Findings

To save this template and create future reports, click the "Save" button (lower-right corner).

Jun 21, 2023 56 of 61

 Scan Report Template Findings

The "RSBP Scan Report Template" has been successfully added to this account's "Templates" tab.

Jun 21, 2023 57 of 61

 Scan Report Template Findings

Click to open its "Quick Actions" menu.

Jun 21, 2023 58 of 61

 Scan Report Template Findings

In addition to making future edits and updates, you can run any report from its "Quick Actions" menu,
here under the "Templates" tab.

Jun 21, 2023 59 of 61

 Scan Report Template Findings

This concludes the "Scan Template Findings" tutorial. You may close this window and return to your
Lab Tutorial Supplement.

Jun 21, 2023 60 of 61

 Scan Report Template Findings

Scan to go to the interactive player

Jun 21, 2023 61 of 61