What will be the differences between Cloud Agents vs Traditional scan ? can it identify the services running in the company wide customized directories?
Please let us know
A service path on the host filesystem really does not matter as Qualys (Cloud Agent or Scanner based) scans a port and negotiates over a valid protocol negotiation on a port to look for service running.
In case of a Windows system, we can identify running services (auth scan required) over WMI and commands.
So a default directory of a known service or a custom directory, does not actually matter.
A high level overview is that CA sits on the host and continually upload comprehensive metadata to the Qualys SOC. Traditional scanning requires some sort of appliance to elicit specific responses and take best guesses on what vulnerabilities may exist if the scan is unauthenticated, else the appliance will use credentials, if provided, to log onto a host and essentially enumerate application version and OS data and then correlate that with known vulnerabilities.
The Qualys Cloud Agent documentation gives a pretty good overview what CA is.
Give this a once-over and let me know if I can answer any additional questions.
Hi Thanks for the info. My question is mainly related to the scans performed, for example the qualys cloud agent can detect the services running from the standard path, can it detect vulnerabilities from the services that are running from the customized path?
Retrieving data ...