AnsweredAssumed Answered

Possible to scan whole network for specific vulnerability?

Question asked by luc on May 6, 2014
Latest reply on May 6, 2014 by luc

     Hello Qualys Community,

 

I'm still very new at using Qualys VM, and I was just wondering if Qualys can scan the whole network looking for a specific vulnerability.

 

For example, with the heartbleed vulnerability, without knowing what servers are running on our network, can I use qualys VM to scan the whole network to look for any items that have that vulnerability?

 

Or do I need to first do an inventory and make asset groups before I can for a specific port against those?

 

I was able to create a map of our network (with some assistance from a colleague), but it looks like I would still need to identify and then add those to an asset?  Also, scanning an object for a specific vulnerability requires that object to have a license right?

 

Since I didn't know how or if qualys was capable of searching for anything on the network with the heartbleed vulnerability, I ended up using nmap to search our network for it.

 

thanks for any help

 

-luc

Outcomes