Qualys is used by over 10,000 customers in 130 countries, including many of the largest enterprises. Its engine performs over 6 billion scans a year with a stated accuracy of 99.99966% and processes over 1 trillion security events per year. It is an excellent choice for a network vulnerability scanner because of its broad feature set, accuracy and low network impact. Qualys offers a comprehensive set of scanning capabilities covering a wide range of network components, including systems, applications and cloud environments. It uses a large library of detection checks to identify vulnerabilities, misconfigurations and security weaknesses accurately, so that your network is examined thoroughly.

Qualys continuously updates its vulnerability database so that it detects newly disclosed vulnerabilities. It also offers clear reporting, making results accessible to readers of any skill level and background.
Qualys excels at discovering and scanning network assets in the leading cloud providers: Amazon AWS, Microsoft Azure and Google Cloud Platform (GCP). Through native integration with these platforms, Qualys identifies and assesses the security posture of the assets running in them.

Using its cloud connectors, Qualys can automatically discover assets deployed in AWS, Azure and GCP, giving you comprehensive visibility across cloud environments. It scans virtual machines, containers and networked cloud resources to identify vulnerabilities and misconfigurations. Note that discovery through a connector uses the provider's inventory API; actually assessing an asset still requires that a scanner can reach it over the network or that an agent is installed on it.
Qualys checks for over 100,000 vulnerabilities, with sometimes hundreds added or updated daily.
Using Network Vulnerability Scans in Your Environment
Performing network vulnerability scans gives organizations valuable insight into their security posture and helps identify potential vulnerabilities. There are two primary approaches to conducting these scans: on-demand, ad-hoc scans and periodic scans.

On-demand, ad-hoc scans can be run whenever desired, such as after changes to the network or software. They are particularly useful when you want to assess the impact of a specific change or update. By scanning after a network modification or software update, you can identify any newly introduced vulnerabilities or misconfigurations before an attacker does. This approach allows flexibility and immediate action, so that potential security gaps are addressed promptly.
Periodic scans, on the other hand, are scheduled scans that run at regular intervals. It is generally recommended to scan at least quarterly, although the exact frequency will vary based on your organization's needs and budget. The reason for periodic scans is twofold. First, new vulnerabilities in software are discovered and reported daily; a regular scanning schedule keeps up with the evolving threat landscape and ensures that systems are checked for newly identified vulnerabilities. Second, periodic scans provide a proactive and systematic approach to network security, which is a fundamental ingredient of a strong security posture.

The most mature security programs use both approaches: scanning when infrastructure changes are made, and scanning at regular intervals to catch newly found vulnerabilities in existing assets.
What can be scanned?

Qualys can scan a wide range of assets across environments. It covers traditional on-premises assets such as servers, desktops and network devices, as well as virtualized environments, the cloud platforms Amazon AWS, Microsoft Azure and Google Cloud Platform (GCP), and containerized environments such as Docker and Kubernetes.
How should I prepare for a scan?

Preparing for a network vulnerability scan involves two basic steps, and potentially a third.
First, define the scope of the scan by identifying the specific network segments and systems to include. The result is a list or range of IP addresses to scan. There are no minimums or limits when using our service. We can discuss the scope with you to make sure the scan focuses on the relevant assets and areas of concern, maximizing its value. For the same reason, keeping an up-to-date inventory of all network assets, including hardware, software and devices, is important: an asset that is missing from the inventory is usually missing from the scan as well.
Second, tell your teammates when the scan will start and which assets will be examined. The most common side effect of a vulnerability scan is unexpected log entries, such as requests for unusual HTTP URLs. Anyone who watches those logs should know to expect this traffic during the scan window.
Third, more thorough scans can be obtained by allowing the Qualys scanners more access to your infrastructure through incoming firewall rules. Sophisticated infrastructures also commonly run intrusion detection or prevention systems (IDS/IPS) that will likely raise alarms during the scan. It is a best practice to exempt the Qualys scanning engine IP ranges on these devices so that alarms are minimized and the scanner has unfettered access to examine your network assets. Scope any such exception to the scanner source ranges and the assets in scope, and remove it when the scan window ends, so that the exemption does not become a standing hole. We'll work with you to ensure these changes are made accurately.
While our scans are safe and take great care to avoid exploiting any vulnerabilities, it is always a good idea to make sure backups are current and at least basic health monitoring is in place, for example ping, HTTP or other service-availability tests, so that any impact on a service is noticed and can be tied to the scan window.
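The three preparation steps above can be scripted so that the scope, the temporary firewall exceptions and the availability baseline all come from the same asset list. The following is an added example written for this page; it is not Qualys code and not part of the original article. The inventory and the scanner source ranges are constructed placeholders using documentation address space (substitute the scanner ranges Qualys publishes for your platform), and the iptables rule format is one common choice, not a requirement.

```python
"""Pre-scan preparation helpers (added example, not Qualys code).

Builds the scan scope from an asset inventory, emits temporary firewall
allowlist rules for the scanner's source ranges, and compares a post-scan
availability check against a pre-scan baseline. All addresses below are
documentation ranges used as constructed placeholders.
"""
import ipaddress

# Constructed inventory: (asset, address or CIDR, environment, in_scope flag)
INVENTORY = [
    ("web-prod", "203.0.113.0/28", "prod", True),
    ("db-prod", "203.0.113.16/29", "prod", True),
    ("vpn-gw", "203.0.113.40", "prod", True),
    ("lab-net", "198.51.100.0/24", "lab", False),
]

# Placeholder scanner source ranges. Assumption: replace these with the
# ranges Qualys publishes for your platform; they are not the real ones.
SCANNER_RANGES = ["192.0.2.0/28", "192.0.2.32/27"]


def build_scope(inventory, environments):
    """Return the in-scope networks for the given environments as CIDR
    strings, de-duplicated and with overlapping ranges collapsed."""
    nets = [
        ipaddress.ip_network(addr, strict=False)
        for _name, addr, env, in_scope in inventory
        if in_scope and env in environments
    ]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def scanner_overlaps_scope(scanner_ranges, scope):
    """Sanity check: a scanner range that overlaps a target range usually
    means a typo in one of the lists. Returns the offending pairs."""
    overlaps = []
    for src in map(ipaddress.ip_network, scanner_ranges):
        for dst in map(ipaddress.ip_network, scope):
            if src.overlaps(dst):
                overlaps.append((str(src), str(dst)))
    return overlaps


def allowlist_rules(scanner_ranges, scope, remove=False):
    """iptables commands that admit scanner traffic to in-scope targets
    only, tagged with a comment so they can be found and removed after the
    scan window. With remove=True the same rules are emitted as deletions."""
    action = "-D" if remove else "-I"
    return [
        f"iptables {action} INPUT -s {src} -d {dst} "
        f"-m comment --comment qualys-scan -j ACCEPT"
        for src in scanner_ranges
        for dst in scope
    ]


def availability_regressions(baseline, current):
    """Compare two {host: {probe: ok}} snapshots (e.g. ping, HTTP) and
    return the probes that were up before the scan and are down after."""
    return sorted(
        (host, probe)
        for host, probes in baseline.items()
        for probe, ok in probes.items()
        if ok and not current.get(host, {}).get(probe, False)
    )


if __name__ == "__main__":
    scope = build_scope(INVENTORY, {"prod"})
    if scanner_overlaps_scope(SCANNER_RANGES, scope):
        raise SystemExit("scanner ranges overlap the scan scope; check lists")
    print("# rules to apply at the start of the scan window")
    print("\n".join(allowlist_rules(SCANNER_RANGES, scope)))
    print("# rules to remove at the end of the scan window")
    print("\n".join(allowlist_rules(SCANNER_RANGES, scope, remove=True)))
```

The collapsed scope doubles as the IP list handed to the scanning service and as the destination side of the firewall exception, so the two cannot drift apart; the `qualys-scan` comment lets you list and delete the exception afterwards (`iptables -S INPUT | grep qualys-scan`). The probe snapshots fed to `availability_regressions` would come from whatever ping or HTTP checks you already run; the function only does the before/after comparison.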
What is delivered to us when the scan is finished?

A network vulnerability scan produces a comprehensive report that describes the security posture of your network. The report lists the vulnerabilities and weaknesses found during the scan, along with the relevant details and recommendations for remediation.
Our base reports include the following key components: