You can easily alert on active security threats using Threat Protection Real-Time Threat Indicators (RTIs). Configure a vulnerability rule and select the indicators you want to alert on (under vulnerability criteria).
Please note that OR is used when multiple indicators are selected. For example, get an alert when a vulnerability matches Zero Day OR Public Exploit by selecting both of these options.
What are the sources? Qualys subscribes to multiple sources of threat feeds to gather vulnerability related threats. Primary sources are Exploit DB, Metasploit, Recorded Future, Reversing Labs, etc.
Not seeing Threat Protection RTI options? Threat Protection RTI options are only available to Threat Protection users with Trial or Full subscriptions.
To learn more about threat indicators, please refer to the following article. Note that the article may list some RTIs that are not yet available in Continuous Monitoring but will be supported at a later time.