Reporting Toolbox: Reporting Best Practices FAQ

Document created by DMFezzaReed Employee on Dec 7, 2018. Last modified by DMFezzaReed Employee on Jan 10, 2019.
Version 4

This page is a living documentation resource for Reporting Best Practices within the Qualys suite of products.

 

Functional Reality & Purpose

Some considerations

  • Reporting is intended to generate human-readable reports, not to export every vulnerability from a subscription.
  • Qualys reporting is not designed for large-scale data exports. Qualys provides APIs for that purpose; see the latest API documentation.

 

Useful, human-readable reports (easy to read, understand, and prioritize) are built from Host Based report templates configured with:

  • targeted asset groups and/or tags (avoid the All group), and
  • focused search lists and/or queries

 

Reporting - It's all about the plan

 

  • Tiered Reporting: C-Level, VP-Level, D-Level, Manager, Technical SME-Level
  • Lines of Business within your Organization: Corporate, Subsidiary, Divisional, Regional, Branch
  • Infrastructure/Network Segments: Internal/External/DMZ, OnPrem/Cloud, Production, Pre-Production, QA, Test, Development, Sandboxed
  • Technical/Remediation Team structure(s): Hardware/Software/Out-of-Band (Mgmt XFace), Operating System, Application, Database, Network, Server, Client Endpoint, Wireless, Internal/External/DMZ, Web Apps, Appliance, Physical, Virtual, Domains, etc.

 

Reporting - Tips for Success

 

  • Align your reporting search lists with Client Security policies, standards and guidelines.
  • Your reporting routine should coincide with your scanning routine: if you scan weekly, report weekly.
  • Maintain a consistent reporting structure over time for improved trending results.
  • Reports always collect the most recent scan results; therefore, purging outdated (obsolete) host scan results data is critical.
  • Engage report consumers frequently and assess how reports can best be aligned with maintenance processes.
  • Focused Host Based reports are much more efficient than Scan Based reports.
  • Use our new Dashboards! See Dashboarding Best Practices to learn more.
  • Dashboards are interactive reports, so there's no need to change the approach between reporting and dashboarding schemas.
  • Consider leveraging the Qualys API to create a hybrid report archival program.
  • Take advantage of Qualys API integrations (e.g. Splunk).

 

 

Reporting Resources

 

Reporting on Qualys Community

Easily get helpful tips for finding topics of interest. You can use labels to find posts related to Dashboards, Qualys Query Language (QQL), how-tos and ideation.

 

Sign up for our Self Paced Training

Our Reporting Strategies and Best Practices self-paced training course gives you Qualys product expertise and tips on reporting and dashboarding.
