Let’s assume you know where every host in your environment is. Wasn’t that a nice thought? The reality is probably that your environment is constantly changing. Knowing is half the battle, so performing this network reconnaissance is essential to defending it.
Tag, you’re mapped!
A common use case for performing host discovery is to focus scans against certain operating systems. This can be done a number of ways in QualysGuard, historically via maps or light scans followed by a manual workflow. Today, QualysGuard’s asset tagging can be leveraged to automate this very process. By dynamically tagging hosts by their operating system, one can split up scanning into the following:
- Frequent light scans that update QualysGuard with the current mapping of your network via dynamic asset tags.
- Targeted complete scans against tags which represent hosts of interest.
We step through how to set up your QualysGuard to do exactly this below.