The Inventory > Assets tab gives you asset information, such as identity, running services, installed software, open ports, users, and more. The GAV gives you deep visibility into your assets granting you a detailed, multidimensional view of each one that encompasses both its IT and security data. You can flag issues such as configuration problems, security risks, IT policy violations and regulatory non-compliance with an asset profile that includes a wealth of data.
Assets tab gives you an overview of assets in your organization.
(1) Search for assets using a Qualys Query Language (QQL) query for a specific timeframe. For more information, see Qualys Query Language.
(2) View bar charts for the top hardware and operating system categories. Click a specific bar from the chart to view the list of assets. For more information on the categories, see the Usage Guides - Hardware and Operating System in the Appendix.
(3) View the total assets matching your search criteria and the asset manufacturer and asset tags with their count of assets from the left pane. Click the count of assets to view the list of assets.
(4) View assets details and add static tag for the asset from the Quick Actions menu.
(5) View asset criticality score for the assets. For more information, see Asset Criticality Score.
This section gives you detailed and consolidated view for an asset with information of asset inventory, security posture, compliance posture, and sensor information to all interfaces for the assets. This detailed information includes IT and security data. This helps user to understand the security risks, policy and compliance violations, IT data such as licenses, end of life dates, network connections. User can flag issues any such problems.
To view asset details, navigate to Inventory > Assets and then click View Details under the Quick Actions menu for the asset.
Expand following sections to view more information:
Asset Inventory gives you deep visibility into the assets, granting you a detailed, multidimensional view of each one that encompasses its IT data such as:
- Asset Summary: Gives you detailed information to identify the asset, activity on that asset, last location from where the asset was accessed and different tags assigned to the asset. You can also add tag to the asset from this page.
- System Information: Gives you system information such as hardware specifications (detailed information for operating system, hardware, volumes, processors, etc.), services, and users.
- Network Information: Gives you information for the network connection to the asset.
- Open Ports: Gives you list of open ports and services running on those ports.
- Installed Software: Gives you list of software installed on the asset. This helps you identify the software version, end of license date, etc.
We’re now tracking geolocation of your assets using public IPs. Asset Geolocation is enabled by default for US based customers. For an asset that has an associated public IP, you’ll see its last location on a world map in Asset Details > Asset Summary.
- We’ll check the asset’s network interfaces for a public IP
- Asset that has an agent installed - we’ll check the IP reported by the agent
- AWS/EC2 asset - we’ll use the EC2 instance public IP
- Asset associated with a network - we will look for a public IP associated with the scanner used
If no public IP is found, we’ll show the location as unknown.
Want to enable (or disable) Asset Geolocation? Sure no problem. Just contact Qualys Support or your Qualys Account Manager and we’ll help you out.
This asset was last seen in Columbus, Ohio at 3:06 pm.
This section lists security posture for the asset. It gives summarized view for potential and confirmed vulnerabilities on the asset. You can view vulnerability details, apply patches and monitor possible malware.
This section shows compliance posture by a policy or all policies in your subscription.
This section gives information of the agent from where the asset is collected.
With GAV, you can apply tags manually or configure rules for automatic classification of your assets in logical, hierarchical, business-contextual groups. Assign Business Criticality through tags to establish priorities, and automatically calculate the asset criticality score of an asset based on highest aggregated criticality.
Once you've created tags with asset criticality score and added tags to the asset, the asset criticality score of the asset will be calculated. For more information related to defining asset criticality score for the tag, refer to the Configure Tags section.
In the following example, asset has three tags with asset criticality score - 5, 4, and 3. So the criticality score of the asset is 5 (the maximum asset criticality score among the three tags).
If the tags associated with your assets do not have criticality score set, by default the asset criticality score '2' will be applied to that asset.