I see that Qualys supports vendor=Cisco; product=unified_communications_manager for some SIP related vulns. There seems to be several related "product" options when trying to create a Dynamic Search List.
what access does Qualys require to discover a host asset as CUCM? SNMP or SSH?
I see sysDescr contains the host Linux version, and Qualys SNMP does not seem to use more than that for other OS types, so SNMP seems unlikely. If SSH access is required, what role/privileges are required?
I've seen several requests for a list of supported OS types on this community forum, with no response. Does such a document exist? (looking for info on routers, switches, printers, virtualization, etc...). Is there any way to take guesses at what is supported, even if I need to compile a list from the KB? For instance, I see a ton of vendor=hp product= strings related to printers; are these truly supported, or there for future growth? Discovery via FingerPrinting seems unreliable in our environment. Is there some way to infer related discovery type for non-standard OS types?