I am looking for assistance on getting the Policy & Compliance scans to run authenticated. Are you doing it? How did you accomplish and convince your UNIX folks to let Qualys run and execute root-level commands?
That is a difficult one. I am working on Authentication for Unix/Linux systems, however not for PC for VM. For VM I'm not sudoing to root even though I know it will give me some more QIDs. When I use Sudo, the admins complain that the scan jobs fill up the root command history.
However, I know it is needed for PC and I will have to deal with it sooner or later.
If root access required...it's required... that's how it works so there is no getting around it.
However, you could possibly use SSH keys and maybe that will make them feel better about letting the scan account login with root access.
Retrieving data ...