AnsweredAssumed Answered

Custom file content checks in an authenticated scan?

Question asked by gowen on Jun 28, 2018
Latest reply on Jul 3, 2018 by Qsingh

We would like to detect violations of local policies using our regular Qualys scan - for example, the absence or presence of certain SSH configuration directives in ~/.ssh/config for all instances of ~.

 

I've reviewed the QRDI User Guide and it only seems to allow for HTTP type detections.  There's no indication of checks that would work during an authenticated scan, and very little indication of QRDI outside that document .

 

Is there any way to write a custom check that can test regex against local files during an authenticated scan?

Outcomes