Identifying OS LEVEL vulnerability by using dynamic SEARCH LIST in QUALYS

• It is too easy for vulnerability segregation by using Qualys, automating and enhancing vulnerability remediation processes. The reason why I am sharing it with you is because I saw that many professionals still prefer manual vulnerability
• You need to work over a QUALYS dynamic search list to define the vulnerability scope to their respective tracks.
• There are a few attributes that we will use for defining criteria for the selection of OS-level vulnerabilities which we will see below 👇.

1. Category
2. CPE
3. Vendor

Now I will give you an example for the segregation of MICROSOFT WINDOWS OS’s.

You need to navigate in a dynamic search list.

1. Category should be WINDOWS and LOCAL only
2. CPE will be an OPERATING SYSTEM.
3. Vendors should be MICROSOFT.

If your Wintel Team does not want to work over .NET vulnerabilities then you can exclude them by using the attribute “Product not .NET”

You will like this and it will reduce your manual efforts and time.

Thank You, have a Good Day