Hi everyone. Please can anyone tell me aw to ignore QIDs such as 38169 (SSL Certificate - Self-Signed Certificate) on Qualys VM...
If you create/edit an Option Profile on the 'Scan' tab under 'Vulnerability Detection' there is a subsection called 'Exclude QID'. You can add the QID you want excluded from the scan/report.
If you want to keep track of those Ignores, then you can create a Remediation Policy, that would give you more control of which assets to do the action to and the reporting capability.
Do you want to ignore it for a specific host or ignore it completely in your report?
for a specific host
To ignore a vulnerability and prevent it from appearing on a report on a per host basis, see the steps provided below. Also note that for more information regarding this feature and steps to re-activate a previously ignored vulnerability; you can access the online help section from within your account and search for ignore vulnerability.
1. Select Report from the left menu.
2. Run any scan report template set to Status or Status with Trend (auto) source selection. For example, run the Technical Report.
3. In the host details, identify the vulnerability you want to ignore, and place your cursor over .
4. Select Ignore vulnerability from the drop-down menu.
The Ignore vulnerability pop-up appears with details about the vulnerability and the host.
5. Click OK.
6. Refresh the report to remove the ignored vulnerability.
Retrieving data ...