Actionable Searching and Data Download with Vulnerability Management Dashboards
Last updated on: February 23, 2021
Qualys is introducing the ability to download data from your vulnerability management dashboards. With Qualys Vulnerability Management Dashboards, you can use Qualys Query Language (QQL) to query the data in your subscription and build vulnerability- and asset-centric dashboards that show your exposure to individual vulnerabilities or groups of vulnerabilities or vulnerabilities with specific attributes, like new patch available found within the last 30 days.
With the new download feature, you can now download this data into a CSV file for additional manipulation outside the platform.
Asset and Vulnerability-Centric View of Your Data
Combining the asset-centric view with vulnerability-centric views gives you more flexibility to dig into your data in from a 360-degree view with more in-depth insights into the security posture of your organization. These capabilities enable a quick way to report and answer your specific questions using QQL queries which in turn can be made actionable by downloading the resulting data set. A typical query might find all assets with severity 5 vulnerabilities in your Boston datacenter, or all of the assets that require patches following Patch Tuesday.
Here is an example of a FedRAMP Vulnerability Mitigation SLA dashboard that is pre-built into the Qualys Dashboard library as a ready-to-use template. It makes use of the queries below to give you a 360-degree view of your FedRAMP status.
1. Assets with Vulnerabilities first found within the last 30 days and a CVSS Score 7 – 10: CVSS Score 7 – 10.
vulnerabilities.firstFound>now-30d and vulnerabilities.vulnerability.cvssInfo.baseScore:[7 .. 10]
2. Assets with Vulnerabilities first found within the last 30 days and Vulnerability published date within the last 30 days and a CVSS Score 7 – 10:
vulnerabilities.vulnerability.cvssInfo.baseScore:[7 .. 10] and vulnerabilities.vulnerability.published>now-30d
3. Breaching of SLA 30 SLA remediation for CVSS Score 7 – 10:
vulnerabilities.firstFound<now-30d and vulnerabilities.vulnerability.cvssInfo.baseScore:[7 .. 10]
Ask Actionable, Specific Questions
QQL searching best practice should be specific and formulated to answer questions that will drive actions. For example, in the screenshot below, you can see all vulnerabilities first found in the last 30 days that have a patch available. Then your remediation team can focus on applying these patches.
Downloading the data set is based on the column details seen on the screen. You will be able to download the assets, detections, or the group by’s results based on your query.
For more resources, see dashboarding best practices and a list of pre-built VM dashboards whose data you can now download.
The data download feature in VM dashboards is available with Qualys Cloud Platform release 2.43.
Get Started Now
To start visualizing, searching and taking action, get a Qualys Suite trial.