Qualys-Running Network Vulnerability Scan

This document provides the steps to run a vulnerability scan with Qualys against IP address(es).

   

  1. Use the module picker in the top left corner of the application to open the full module list.
  2. Select "Infrastructure Security"
  3. Click on "VMDR"
  4. Once the page loads. Click on the "VMDR" in the top left corner of the application.
  5. Click on "Scans"

module picker

vmdr menu

 

2. Choose "New->Scan"

new scan

 

3. Provide a "Title"

title

 

4. Select an "Option Profile"

Choose a custom option profile to configure how the scan should run or use the Cybersecurity recommended default named "*Campus-Default Scan Profile." The full list of Cybersecurity maintained scan profiles can be found at Qualys VMDR-Cybersecurity Maintained Scan Option Profiles

option profile selection

 

5. Select a "Scanner Appliance"

External scanners are recommended to simulate what an attacker from the internet can potentially exploit. It is also good for confirming firewall configurations.

Internal scanners are recommended for identifying network-based vulnerabilities on the host. Internal scanners are allowed explicitly though all the Palo Alto firewalls.

scanner appliance selection

 

6. Provide the IP(s)

IP(s) is recommended for vulnerability scanning. Additional configurations may be needed for Asset Group/FQDN based scans to work correctly.

ip

 

6. Click "Launch"

launch

 

See Also


Keywords:
network scan vulnerability qualys run how to check 
Doc ID:
156758
Owned by:
TCD K. in Cybersecurity Testing and Cyber Defense
Created:
2025-11-17
Updated:
2025-11-18
Sites:
Cybersecurity Testing and Cyber Defense, Cybersecurity Vulnerablity Management, Office of Cybersecurity