In a nutshell - You're going to select a bunch of vulnerability search criteria like severity level, category, patch availability, etc and then save your selections as a dynamic search list. Each time you use the list, we'll query the KnowledgeBase to find all the matching QIDs and include them in your action. By using a dynamic list you can have confidence that you're getting all the matching QIDs - even QIDs newly added to the KnowledgeBase.
Here are a few ways you can use dynamic search lists:
- Create a dynamic list for an always up-to-date Microsoft patch Tuesday scan report, scan option profile and remediation rule.
- Create a dynamic list of QIDs flagged for PCI compliance.
- Create a dynamic list of QIDs for a particular vendor or product, such as Apache, Cisco, Microsoft, or Sendmail.
- Create a dynamic list of QIDs that are remotely exploitable on the .net framework.
- Create a dynamic list of QIDs that have a particular CVSS or CVSS v3 score.
You can easily report on Real-Time Threat Indicators (RTI) using dynamic search lists.
Important - RTI options are only available to users with Threat Protection enabled for their subscription.
Create a new dynamic search list and select the indicators you're interested in. Then add this search list to your scan report templates. Your reports will include QIDs that match *any* of the selected values.