Using the VMDR Prioritization report, you can detect which vulnerabilities to remediate first. The VMDR Prioritization report contains of two sections: Summary and Details.
The Summary section of the VMDR Prioritization report displays the findings with the following three sections.
Depending on the asset tags that you choose, the assets are identified for this report. Prioritized Assets is the count of assets out of the total assets with vulnerabilities that meet the combination of the detection age, RTIs, and attack surface you selected.
In the above example, 8 assets matched the selected asset tags. Out of the 8 assets, 2 assets has vulnerabilities that met the combination of the selected Detection Age, RTIs, and Attack Surface.
The Prioritized Vulnerabilities section displays a summary of prioritized vulnerabilities that are detected on the assets.
Instances: The count indicates the total number of vulnerabilities that meet the combination of the detection age, RTIs, and attack surface you selected.
The count may include multiple occurrences of a single vulnerability (that is a single QID) detected on multiple assets.
In the above example, 154 vulnerabilities were detected on the 8 assets. Out of the 154 vulnerabilities, 8 vulnerabilities met the combination of the selected detection age, RTIs, and attack surface across the 2 assets.
Unique: The count of unique vulnerabilities (excluding duplicate QID instances) out of the vulnerability instances identified/detected.
In the above example, out of the 8 instances, 6 are the unique vulnerabilities.
Count of the patches that are available with Qualys. Click Patch Now to initiate the process of patching the vulnerabilities.
Note: The Patch Now button is enabled only when Qualys can automatically patch the vulnerability and the Patch Management app is enabled in your subscription.
You could choose to perform one of the 3 actions:
Add to New Job - Opens the wizard to create a new job in the Patch Management module. Follow the instructions in the wizard and initiate the patching process by creating a new job.
Add to Existing Job - Displays the list of existing jobs in the Patch Management app. Choose from one of the existing jobs (disabled state) and click Add. You can add maximum 200 patches to a single job. You cannot add patches to OnDemand or run-once (non recurring) jobs, once they are enabled.
View Missing Patches - Displays the list of missing patches for the prioritized assets and vulnerabilities. In case you have a free version of Patch Management then you can only view the list of missing patches. You will need to upgrade to the paid version of Patch Management app to initiate deployment job workflows from the Patch Now option. Show me
For more information, refer to the online help of the Patch Management app.
The details section includes detailed information about prioritized vulnerabilities, patches and prioritized assets. Use the tabs to toggle between the three views. The Vulnerabilities, Patches, and Assets tabs offer advanced search capabilities using tokens.
The Patch Now button is enabled only for patches available at Qualys and if you have Patch Management app enabled in your subscription.
Tell me how to use the search
You can search with multiple criteria in a single go.
Start typing in the Search field and we'll show you the properties you can search such as vulnerability severity, detection age, etc. Select the one you're interested in.
Click the + sign for a combined Vulnerability and Asset search.
Start typing and we'll show you the asset properties you can search like agentId, agent version, etc. Select the one you're interested in.
Now, enter the value you want to match, and press Enter. That's it! Your matches will appear in respective tab.
Tell me how to use group by option
Once you have your search results ready, you may want to organize them further into logical groupings. We offer several group by options such as detection age, vulnerability age severity and more.
You'll see the number of unique groupings based on your selection (e.g. 6 unique vulnerabilities) and the number of vulnerabilities per group. Click on any grouping to update the search query and view the matching vulnerabilities.
You can export the VMDR Prioritization report to dashboard in the form of a widget and continuously monitor the widget to check the vulnerabilities on the prioritized assets.
Here are the steps to export the VMDR Prioritization report to dashboard.
Note: The Export to Dashboard button is enabled only after you have generated the VMDR Prioritization report.
1) On the VMDR Prioritization report, click Export to Dashboard.
2) Provide a name for the widget.
3) Select the Dashboard to want to add the widget and then click Export.
The widget is added to the dashboard.
You can save or save and download the VMDR prioritization report to your local system in a single click. On saving, the report is saved in the report list on Prioritization tab.
Here are the steps:
Note: The Save & Download button is enabled only after you have generated the VMDR Prioritization report.
1) On the VMDR Prioritization report, click Save & Download.
2) Provide a name and description (optional) for the report.
3) Select the details from vulnerabilities, patches, and assets that you want to include in the report. Show me
Vulnerabilities: Including vulnerabilities provides you with two options:
Grouped (Unique): Includes the list of unique vulnerabilities along with the count of assets, where the vulnerability was detected.
All Instances: Includes the list of all vulnerabilities. For every vulnerability, we also include the list of all assets on which it was detected.
Patches: Includes the list of available patches
Assets: Includes the list of assets on which the vulnerabilities were detected.
4) Choose the report format: CSV or PDF for your report.
Note: Including All instances related vulnerability data in the report supports only CSV format.
5) If required, you can change timezones for dates included in report using the Select Timezone option. By default, the browser's time zone is used to report dates in the report.
6) Click Save or Save & Download.
On clicking Save, the VMDR prioritization report is saved to the reports list. On clicking Save & Download, the VMDR Prioritization report is saved to the report list and downloaded to your local system.
Note: The report file you download can include maximum 5000 records of the online report for each category: vulnerability, assets, and patches.