Verification Scan Asset Tag

Document created by vavarachen on Mar 31, 2017Last modified by vavarachen on Mar 31, 2017
Version 2Show Document
  • View in full screen mode

Following Groovy script (provided by Qualys support) can be used to create a Asset Tag which meets the following criterias:

  1. Active, New or Re-opened Confirmed vulnerabilities
  2. Found within the last 90 days
  3. Severity >= 4
  4. Remote detection (does not require authentication)


import com.qualys.portal.application.module.vulnoffice.domain.VulnDef;
import org.joda.time.DateTime;
import org.joda.time.Days;


if(asset.getAssetType()!=Asset.AssetType.HOST) return false;
ArrayList<HostInstanceVuln> vulnList = asset.getVulns();
VulnDef vulnDef=null;
int severity=0;
for(HostInstanceVuln vuln:vulnList){
    In this script, for Confirmed vulnerabilities we use HostInstanceVuln.getCategory() method. Possible values are:
    1 = Potential
    2 = Invalid/Deprecated
    4 = Confirmed
    The vulnerability Status is retrieved using HostInstanceVuln.getFound(). Possible values are:
    1 = Active, New or Re-Opened
    0 = Fixed
    if((vuln.getCategory()==4)&& vuln.getFound()){
        Unauthenticated QiDs filter is applied using VulnDef.getProperties() method. Possible return values (single or comma separated) are:
        r = remote detection (no authentication required)
        v = potential vulnerability
        n = windows authentication required
        u = Unix authentication required (SSH)
        o = oracle authentication required
        m = snmp authentication required
        e = VMware authentication required
        d = db2 authentication required
        b = http basic authentication required
        h = form authentication required
        d = exploitive (dangerous, can take down services, crash, etc)
        p = pci-related vulnerability
        c = NAC/NAM vulnerability
        if(vulnDef.getProperties().contains("r") && (severity==4 ||severity==5)) {
            if(Days.daysBetween(vuln.getLastScannedDate(),new DateTime()).getDays()<90)
            { return true; }
return false;

1 person found this helpful