Dynamic Vulnerability Search List

In a nutshell - You're going to select a bunch of vulnerability search criteria like severity level, category, patch availability, etc and then save your selections as a dynamic search list. Each time you use the list, we'll query the KnowledgeBase to find all the matching QIDs and include them in your action. By using a dynamic list you can have confidence that you're getting all the matching QIDs - even QIDs newly added to the KnowledgeBase.

Here are a few ways you can use dynamic search lists:

- Create a dynamic list for an always up-to-date Microsoft patch Tuesday scan report, scan option profile and remediation rule.

- Create a dynamic list of QIDs flagged for PCI compliance.

- Create a dynamic list of QIDs for a particular vendor or product, such as Apache, Cisco, Microsoft, or Sendmail.

- Create a dynamic list of QIDs that are remotely exploitable on the .net framework.

- Create a dynamic list of QIDs that have a particular CVSS or CVSS v3.1 score.

- Create a dynamic list of CVE IDs you're interested in. For a large list of CVE IDs, we recommend using the Dynamic Search List API since the UI is limited in the number of characters you can enter. Refer to the API User Guide for more information.

Threat Protection - How to report on threat indicators

You can easily report on Real-Time Threat Indicators (RTIs) using dynamic search lists.

Important - RTI options are only available to users with Threat Protection enabled for their subscription.

Create a new dynamic search list and select the threat indicators you're interested in. Then add this search list to your scan report templates. Your reports will include QIDs that match *any* of the selected values.

To learn more about threat indicators, please refer to the following article:

Real-time Threat Indicators 

 

 

Quick Links

Search Lists - The Basics

Glossary of common terms