Questions tagged [qualys]

28 questions
5
votes
0 answers

Cookie Does Not Contain The "secure" and "HTTPOnly" Attribute

While running a Qualys Vulnerability Scan on a website which is being developed I got the following vulnerability: Cookie Does Not Contain The "HTTPOnly" Attribute Cookie Does Not Contain The "secure" Attribute My application running in ExpressJS,…
3
votes
2 answers

Slow Http Post attack in Nginx

To check for vulnerabilities in our app servers, we ran a Qualys scan. From the report we found our app servers are vulnerable to a slow HTTP POST attack. To mitigate this attack, we have configured nginx in front of the app servers based on the Qualys report…
2
votes
2 answers

PyCurl request hangs infinitely on perform

I have written a script to fetch scan results from Qualys to be run each week for the purpose of metrics gathering. The first part of this script involves fetching a list of references for each of the scans that were run in the past week for…
1
vote
3 answers

Azure VM: can't install Qualys extension

I run the same code snippet as for other extensions: az vm extension set \ --resource-group "azure-vm-arm-rg" \ --vm-name "azure-vm" \ --name "WindowsAgent.AzureSecurityCenter" \ --publisher "Qualys" ..and I'm getting: The handler for VM…
kagarlickij
1
vote
1 answer

Path based vulnerability in Spring hybris

We have got path-based vulnerability issues in a Qualys report. I have gone through Stack Overflow questions like this one and configured useDefaultSuffixPattern as false as shown below. I am still able to load the page with /about.anything even…
antnewbee
0
votes
0 answers

Integrating Power BI with Qualys dashboards

Is there a way to replicate specific dashboards set up in Qualys (with all the widgets visualising data) in Power BI? I have read through the forums and couldn't find anything about it. In general, I'm having trouble connecting to Qualys endpoints.…
21200506
0
votes
0 answers

How do I know when qcs-sensor has completed its scan

I am running qualys/qcs-sensor:latest --cicd-deployed-sensor in CICD mode. Is there an API I can use to find out when qcs-sensor has completed its scans and has uploaded the scan results to Qualys servers? I tried the show details of an image…
DarVar
0
votes
0 answers

Qualys container image scanning in GitHub Actions

I cannot find a Qualys Container Image scan action on GitHub Market Place. Are there steps I can follow to create a custom script to check container image build for vulnerabilities with Qualys?
DarVar
0
votes
0 answers

VM Vulnerability assessment reports in csv file and send it to Artifact

I was looking for tools that I can use to scan my Linux VM Golden Image. I couldn't find a tool (all I got is for scanning container images) and ended up with Qualys. Now I am trying to do a vulnerability scan on the VM and send the reports in CSV…
0
votes
0 answers

I want to understand what some of these Qualys scan means

There are some flags in this link that I am not able to find any info on. I tried searching the web and no luck. I am looking to see if there is a more detailed explanation of these flags and the flags listed on the website. getImageVulnsFromQualys…
0
votes
0 answers

How to create dual language report in Qualys tool?

How to create Qualys scan report in two languages? Changing the subscription language is not an option
Mohan Raj
0
votes
1 answer

Modify curl command to ansible uri module

I've been trying to execute the following curl command through the ansible uri module (the url, username, and password have been changed just for privacy) curl -u "username:password"…
Pugs08
0
votes
0 answers

ICMP timestamp - firewall configured to drop timestamp request, but vulnerability scanner can send request and get a response

We use an external scanner (Qualys) to scan our external assets. We have a firewall in front of the external assets, but it is configured to whitelist the scanner so that the external assets get scanned in-depth. But the firewall is also configured…
0
votes
0 answers

How to write pre/post-scripts for Azure VMs?

I am trying to set up pre/post-scripts for our new patching system. The VMs need a tag added and turned on and then restarted and removed after. I don't have the roles to test just to get it done. Previous scripts I've seen to start our servers use…
0
votes
0 answers

How can I pass a powershell command in Ansible with parameters

I'm having trouble installing this particular agent in win servers through Ansible. - name: "Installing agent {{agent}} and webservices" register: executed_script win_shell: Invoke-Command -ScriptBlock {& cmd /c…
Nahuster