Manage Controls

Controls are the building blocks of the policies used to measure and report compliance for a set of hosts. We provide many controls for you to choose from and you can create your own. Your compliance reports will show you the host compliance status (pass or fail) with the policy controls.

 

It is recommended to click Evaluate Now while saving a policy after making any changes that impact the posture, such as:

- Adding or removing controls
- Adding or removing a technology at the policy or the control level
- Adding or removing an asset group
- Updating an expected value

Failing to click Evaluate Now might result in inconsistent posture data. This is because the posture data for assets associated with removed controls, technologies, or asset groups may not be deleted immediately. The data is deleted when the policy evaluation takes place during the next scan or policy processing triggered by a change in the asset group or UDC.

Videos

Check out these videos:

Still have questions?

How do we calculate expected values?

What are deprecated controls?

Quick Links

Set Up Policies

Policy Editor

User-Defined Controls

Qualys Custom Controls

Control Criticality