How-to

Qualys: Good Scan Practices

  • Set up scheduled scans (at least monthly; weekly is recommended) and scheduled reports. Some systems are required to scan weekly.
  • Scan using the external scan appliance, prioritize the vulnerabilities to fix (e.g., Confirmed severity 4 & 5), and re-scan.
  • Scan using the internal scan appliance, prioritize the vulnerabilities to fix (e.g., Confirmed severity 4 & 5), and re-scan.
  • Use the patch report to identify vulnerabilities to patch, and use search lists to scan and report on those vulnerabilities before and after patching.
  • Use remediation tickets to document remediation plans for findings that require additional time to fix. Periodically review and update each remediation ticket.
  • Identify the types of reports to run, including their frequency and recipients.
  • Use trend report templates to show vulnerability and remediation trends over time.
  • Use the external scan appliance to test your firewall rules.
  • Use a sandbox IP address: scan the pre-production server on the sandbox IP and, when the server is ready for production, move it to a production IP address. This is especially useful for one-time scans of systems that are important but not critical.
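The prioritization, search-list, and before/after comparison steps above can be checked outside the Qualys console once a scan is exported. The following is an added example, not Qualys code and not part of this page's original content: it assumes a CSV export with the columns IP, QID, Title, Severity, and Type (Confirmed / Potential / Information), which is an assumed layout for illustration rather than the exact Qualys report schema, and the two scan exports are constructed sample data. It keeps only Confirmed severity 4 & 5 findings, restricts a report to a search list of QIDs, and diffs a pre-patch scan against a post-patch re-scan to show what was fixed, what remains, and what is new.

```python
"""Prioritize Qualys-style scan findings and compare before/after scans.

Added example. Column names (IP, QID, Title, Severity, Type) are an assumed
export layout for this example, not the exact Qualys report schema.
"""
import csv
import io

# Constructed sample export: scan taken before patching.
BEFORE_CSV = """IP,QID,Title,Severity,Type
10.0.0.5,11111,Example Service Remote Code Execution,5,Confirmed
10.0.0.5,22222,Example Weak TLS Configuration,4,Confirmed
10.0.0.5,33333,Example Information Leak,2,Confirmed
10.0.0.6,11111,Example Service Remote Code Execution,5,Confirmed
10.0.0.6,44444,Example Possible Default Account,5,Potential
10.0.0.7,55555,Banner Disclosure,1,Information
"""

# Constructed sample export: re-scan after patching host 10.0.0.5 and 10.0.0.6.
AFTER_CSV = """IP,QID,Title,Severity,Type
10.0.0.5,33333,Example Information Leak,2,Confirmed
10.0.0.6,44444,Example Possible Default Account,5,Potential
10.0.0.6,22222,Example Weak TLS Configuration,4,Confirmed
10.0.0.7,55555,Banner Disclosure,1,Information
"""


def parse_findings(csv_text):
    """Parse an export into a list of dicts with Severity as an int."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    for row in rows:
        row["Severity"] = int(row["Severity"])
    return rows


def priority_findings(findings, min_severity=4):
    """Confirmed findings at or above min_severity, highest severity first.

    Potential and Information entries are excluded so the fix list matches the
    'Confirmed 4 & 5' prioritization used in the practices above.
    """
    selected = [f for f in findings
                if f["Type"] == "Confirmed" and f["Severity"] >= min_severity]
    return sorted(selected, key=lambda f: (-f["Severity"], f["IP"], f["QID"]))


def by_search_list(findings, qids):
    """Restrict findings to a search list of QIDs (the before/after patch report)."""
    wanted = {str(q) for q in qids}
    return [f for f in findings if f["QID"] in wanted]


def severity_counts(findings):
    """Count Confirmed findings per severity; feeds a simple trend report."""
    counts = {}
    for f in findings:
        if f["Type"] == "Confirmed":
            counts[f["Severity"]] = counts.get(f["Severity"], 0) + 1
    return counts


def compare_scans(before, after, min_severity=4):
    """Diff priority findings by (IP, QID) between two scans."""
    key = lambda f: (f["IP"], f["QID"])
    b = {key(f) for f in priority_findings(before, min_severity)}
    a = {key(f) for f in priority_findings(after, min_severity)}
    return {
        "fixed": sorted(b - a),      # present before, gone after re-scan
        "remaining": sorted(b & a),  # still open: candidates for a remediation ticket
        "new": sorted(a - b),        # appeared only in the re-scan
    }


if __name__ == "__main__":
    before = parse_findings(BEFORE_CSV)
    after = parse_findings(AFTER_CSV)
    print("Fix first:", [(f["IP"], f["QID"], f["Severity"]) for f in priority_findings(before)])
    print("Search list 11111/22222 after patching:",
          [(f["IP"], f["QID"]) for f in by_search_list(after, ["11111", "22222"])])
    print("Trend:", severity_counts(before), "->", severity_counts(after))
    print("Diff:", compare_scans(before, after))
```

Anything listed under "remaining" is the set that needs a remediation ticket with a documented plan; "new" findings on a re-scan are worth checking against recent changes before the next scheduled scan.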
