Home

How to Find Vulnerabilities with Active Threats

Quickly and Easily Find Vulnerabilities with Active Threat RTIs

This helps you prioritize certain vulnerabilities and focus on fixing them. Here's some sample searches to get you going. Looking for more on the Qualys Real-time Threat Indicators (RTI)? Click here

 

Active Attacks

vulnerabilities.vulnerability.threatIntel.activeAttacks

Show assets with vulnerabilities correlated with active attacks. [boolean]

vulnerabilities.vulnerability.threatIntel.activeAttacks: true

Denial of Service

vulnerabilities.vulnerability.threatIntel.denialOfService

Show assets with vulnerabilities correlated with denial of service. [boolean]

vulnerabilities.vulnerability.threatIntel.denialOfService: true

Easy Exploit

vulnerabilities.vulnerability.threatIntel.easyExploit

Show assets with vulnerabilities correlated with easy exploit. [boolean]

vulnerabilities.vulnerability.threatIntel.easyExploit: true

Exploit Kit

vulnerabilities.vulnerability.threatIntel.exploitKit

Show assets with vulnerabilities correlated with exploit kit. [boolean]

vulnerabilities.vulnerability.threatIntel.exploitKit: true

Exploit Kit Name

vulnerabilities.vulnerability.threatIntel.exploitKitName

Show assets associated with this exploit kit name source.

vulnerabilities.vulnerability.threatIntel.exploitKitName: `Angler`

High Data Loss

vulnerabilities.vulnerability.threatIntel.highDataLoss

Show assets with vulnerabilities correlated with high data loss. [boolean]

vulnerabilities.vulnerability.threatIntel.highDataLoss: true

High Lateral Movement

vulnerabilities.vulnerability.threatIntel.highLateralMovement

Show assets with vulnerabilities correlated with high lateral movement. [boolean]

vulnerabilities.vulnerability.threatIntel.highLateralMovement: true

Malware

vulnerabilities.vulnerability.threatIntel.malware

Show assets with vulnerabilities correlated with malware. [boolean]

vulnerabilities.vulnerability.threatIntel.malware: true

Malware Name

vulnerabilities.vulnerability.threatIntel.malwareName

Show assets associated with this malware name.

vulnerabilities.vulnerability.threatIntel.malwareName: `JS_EXPLOIT.MEA`

No Patch from Vendor

vulnerabilities.vulnerability.threatIntel.noPatch

Show assets with vulnerabilities correlated with no patch from vendor. [boolean]]

vulnerabilities.vulnerability.threatIntel.noPatch: true

Public Exploit

vulnerabilities.vulnerability.threatIntel.publicExploit

Show assets with vulnerabilities correlated with public exploit. [boolean]

vulnerabilities.vulnerability.threatIntel.publicExploit: true

Public Exploit Name

vulnerabilities.vulnerability.threatIntel.publicExploitName

Show assets associated with this public exploit name.

vulnerabilities.vulnerability.threatIntel.publicExploitName:`MSpamAssassin spamd Remote Command Execution`

Zero Day

vulnerabilities.vulnerability.threatIntel.zeroDay

Show assets with vulnerabilities correlated with zero day exploit. [boolean]

vulnerabilities.vulnerability.threatIntel.zeroDay: true