Back to
16 posts

Top 10 of 2012 from Qualys Community

Here are the most popular and most viewed blog posts, discussions, new product features, technical documents and videos that were contributed, read, updated, and commented on in 2012 by the Qualys Community of security professionals.

Many thanks to all the Qualys Community members and site visitors for building out the reference library and active conversations that comprise Qualys Community!

Top 10 Blog Posts

  1. Mitigating the BEAST attack on TLS
  2. Lessons Learned from Cracking 2 Million LinkedIn Passwords
  3. Are you ready for slow reading?
  4. TLS Renegotiation and Denial of Service Attacks
  5. CRIME: Information Leakage Attack against SSL/TLS
  6. How I Knocked Down 30 Servers from One Laptop
  7. Protocol-Level Evasion of Web Application Firewalls
  8. Passing the Internal Scan for PCI DSS 2.0
  9. Android Security Evaluation Framework: ASEF
  10. New Java 0-Day Disclosed

See the most current blog posts.

Top 10 Discussion Threads

  1. How to enable TLS 1.1 & 1.2 on OpenSSL & SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability
  2. PCI Failure for CVE-2011-3389 (BEAST Attack) & BEAST vulnerability detection
  3.’s own Apache SSL Config Directives
  4. Web Server Vulnerable to Redirection Page Cross-Site Scripting Attacks
  5. How to create a Linux user
  6. Hidden RPC services error
  7. Anybody notice an uptick in "NetBIOS Shared Folder List Available" vulnerability?
  8. FIPS-Ready checks
  9. FTP
  10. Mitigating WAS QID 150085 Slow HTTP POST Vulnerability on Apache

See the most current discussion threads.

New Product Features in 2012

  1. QualysGuard 7.7
  2. Introducing QualysGuard Dynamic Asset Tagging and Management
  3. QualysGuard 7.6
  4. QualysGuard 7.5
  5. QualysGuard 7.4
  6. QualysGuard 7.3
  7. QualysGuard 7.2
  8. QualysGuard 7.1
  9. QualysGuard 7.0
  10. QualysGuard WAS 2.4
  11. QualysGuard WAS 2.3.2
  12. QualysGuard WAS 2.3.1
  13. QualysGuard WAS 2.3
  14. QualysGuard MDS Enterprise Edition 2.1
  15. Automatic Scanning is now part of BrowserCheck Business Edition
  16. Safe Browsing with Qualys BrowserCheck

Top 10 Technical Documents

  1. BrowserCheck FAQ
  2. QID 90780 FAQ: Microsoft ASP.NET ValidateRequest Filters Bypass Cross-Site Scripting Vulnerability
  3. Reference: QualysGuard Virtual Scanner Appliance
  4. Verify QID 38140 – SSL Server Supports Weak Encryption Vulnerability
  5. QualysGuard API Sample Code
  6. How is QID 38142 – SSL Server Allows Anonymous Authentication Vulnerability detected?
  7. How does vulnerability scanning work?
  8. How does UDP port scanning and service detection work?
  9. How does QualysGuard mapping work?
  10. UPDATE: QID 38171 “SSL Certificate – Server Public Key less than 2048 bit”
  11. Bonus document: QualysGuard Virtual Scanner Appliance: Platform Qualification Matrix

See LOTS MORE support articles and how-to’s in the Help Center.

Top 5 Videos

  1. QualysGuard Vulnerability Management Video Series
  2. QualysGuard Policy Compliance Video Series
  3. QualysGuard Web Application Scanning Video Series
  4. QualysGuard Malware Detection Service Enterprise Edition Video Series
  5. Best Practice Videos

Qualys wishes you a happy, productive, and secure 2013!

Advanced Persistent Threats Experts Video


Brian Krebs, Journalist



Wolfgang Kandek, CTO, Qualys

Rodrigo Branco, Researcher, Qualys

Rich Mogull, Analyst & CEO, SECUROSIS

Gunter Ollman, CTO, Damballa

Andy Bonillo, Principal, Investigative Response, Verizon



September 29, 2011 at Qualys Security Conference 2011 San Francisco


Topics include:

  • What is APT?
  • What makes APTs successful when they’re successful?
  • Are so-called APTs executed via vulnerabilities that should have been patched?
  • Good system administration is the baseline defense.
  • How does any organization protect itself against the most sophisticated attacks?
  • Do organizations have the ability to know how long they have been pwned?
  • TCP: total cost of pwnage.
  • Dynamics of the APT ecosystem.
  • Best practices for securing systems.
  • What happens when organizations fail to detect APTs?
  • What can we do to make things better?
  • Are you hopeful the community will share information?
  • Q&A: What should we look for in log files?
  • Q&A: What is opinion on virtual patching?
  • Q&A: What is impact of increase in mobile devices?



58 minutes, 32 seconds

Windows Share Enumeration, Detailed Audit Settings, and ExploitKit Mapping

Sometimes it’s the little things that make your day run more smoothly.  The release of QualysGuard 6.19 includes highly-focused new features that add functionality for Windows systems. Also, an update to the Qualys KnowledgeBase identifies vulnerabilities that can be attacked via exploit kits, helping organizations better prioritize patching efforts and protect against vulnerabilities that could be abused via exploit kits.

Windows Share Enumeration: Find Windows shares that are readable by everyone, and report details like the number of files in the share and whether the files are writable. This is good for identifying groups of files that may need tighter access control.

Detailed Audit Settings: Verify auditing subcategory settings introduced in Windows Vista, Windows 7, and Windows Server 2008. You can now check all of the audit logging settings within Windows.

Both of the above features require the new dissolvable agent, which is configured via a new workflow for easier activation.  Details in the 6.19 Notification.

ExploitKit Mapping: If a vulnerability can be attacked via an exploit kit, it should be considered higher priority simply because of the larger number of people who can easily attempt to attack it via the exploit kit. The new ExploitKit Mapping in the KnowledgeBase makes it easier to identify these vulnerabilities and prioritize their remediation.

Qualys Technology Blog

Welcome to the Qualys Technology Blog, a team blog written by the thought leaders at Qualys.

This blog will expose to the Qualys Community some of the interesting technical projects under way at Qualys and some of the talented people behind those projects.  The focus of the articles will be to explain the technology and show how it is relevant and interesting.  And it will give community members a forum to engage with each other and with Qualys around new, cutting edge topics.



SSL Labs assessment engine v1.0.59 improvements

The latest version of the SSL Labs assessment software (1.0.59) is now online, and it includes the following improvements:

  • Cipher suite preference test, which tells you if servers pay attention to which cipher suites they use (or merely use the first suite offered by a client)
  • Clear cache feature, which clears cache and allows for a quick check-fix-check cycle
  • Detect Strict-Transport-Security header in response, which indicates STS support
  • Session resumption test, which checks for the performance optimization after the initial full handshake
  • TLS version intolerance test, which tests how servers react to not-yet-released versions of TLS
  • Prefix handling changes; this test will now take into account if the tested domain name (with and without prefix) points to a particular server. It will also relax the check for 2nd-level domain names (e.g.,