Is there any difference between which vulnerabilities that are discovered by a Qualys Cloud Agent and a Qualys Authenticated Scan? Or will they find the exact same vulnerabilities?
The cloud agent detects a high percentage of the same vulns. Last time I looked into it a few months ago, it was like 95-96% similarity. What the cloud agent can't get you that the authenticated scan does is the remotely detected things (detection that are found on ports)... So think ssl/tls related findings etc...
To see what QIDs that cloud agent will detect, search the knowledge base using the "Discovery Method" filter. QIDs found by "Authentication Only" and "Remote and Authenicated" should all be found via the cloud agent. Anything found via "Remote Only" (highlighted in yellow below) will not be found be the cloud agent but would be found via an authenticated scan:
If you want to get super precise with QIDs found by specific cloud agents, you can also create a dynamic search list and select the approrpiate cloud agent module under the "Support Modules" section on the "List Criteria" page:
[added by community admin]: Also see additional detail below.
Yes, there is an extremely tiny percentage of vulnerabilities that can't be detected by the Cloud Agent. These are vulnerabilities that have pure remote-only checks. Since the agent is locally installed, it can't connect to ports.
To know if a vuln can be detected by cloud agent, just look for the vulnerability info from the KnowledgeBase. If the agent can detect it, you'll see that as a supported module.
If you're looking for numbers in terms of coverage percentage, it's a good idea to talk to your TAM.
To scan for these items that aren't covered by the agent, scan them using a scanner appliance.
Create a search list of all vulns that can be detected by the agent, and exclude it from your scan. That way, you'll finish faster and have all items covered.
Qualys should cover this in a KB or have an automatic way to cover this. I have seen other vendors do this really easily.
Full System Vulnerabilities Scan - Cloud Agent Vulnerability Scan = Delta Scan
OR Better yet...
Qualys upon normal appliance scanning via Authenticated Scan should detect the presence of the Agent and perform only the additional checks needed.
It's part of the KnowledgeBase and you just need to check a few boxes:
See more here: Qualys Vulnerability Management - KnowledgeBase
When you scan through an appliance, by default it's going to scan for everything. But you can exclude items that you don't want to scan for - create a search list and exclude that in your Option Profile.
Retrieving data ...