AnsweredAssumed Answered

VM Detection Inconsistencies

Question asked by horizon on Dec 13, 2018
Latest reply on Jan 4, 2019 by theone2018

Help me understand inconsistencies in vulnerability detection. 

 

I've got a lot of workstations reporting that they do not have QID 91017 patched appropriately. Like many before me, I found that I had to add the registry keys to be patched and have the tickets close out on the next scan. However, I noticed that with my workstation, I didn't have the registry keys. It was flagged as not patched, then auto closed as fixed, then re-opened, after three different scans, before I even addressed it. Another workstation STILL doesn't have the keys in place, but it shows as being fixed.

 

Is it common for Qualys to be inconsistent with its scans and detection of vulnerabilities? I'm not sure why two win7 64 bit workstations, with the same patches installed, would be treated differently. I'm new to this tool so I'm just trying to understand it better.

Outcomes