Session 8: Enhancing Scan Accuracy with Authenticated Scans & Scheduled Vulnerability Assessments

Welcome to Session 8 of our Qualys Vulnerability Management Training Series!
This session was all about enhancing scan accuracy by configuring authentication settings and scheduling automated vulnerability scans. Ensuring that scans are authenticated provides deeper insights into system vulnerabilities that might otherwise be missed in unauthenticated scans.
________________________________________
📌 Key Topics Covered:
✅ Recap of the Previous Session – Quick review of firewall adjustments, WMI configurations, and perimeter scans.

✅ Creating & Configuring an Option Profile from Scratch
🔹 Defining scan parameters for optimized vulnerability detection.

✅ User Management in Virtual Machine
🔹 Adding an admin-level user in Windows VM to facilitate authentication.

✅ Logging into VM with the Admin User
🔹 Ensuring proper authentication setup before scanning.

✅ Creating an Authenticated Scan
🔹 Configuring a vulnerability scan that leverages credentials for deeper insights.

✅ Scheduling a Vulnerability Scan
🔹 Automating scan execution for continuous security assessments.

✅ Analyzing Scan Results
🔹 Reviewing discovered vulnerabilities and understanding their impact.

This session established a robust scanning workflow by integrating authenticated scanning techniques to enhance vulnerability visibility.
________________________________________
Coming Up in Session 9:
In the next session, we’ll tackle fixing undiscovered Azure VMs in Qualys and troubleshooting common issues in authenticated scans.
✅ Fixing Undiscovered Azure VMs in Qualys – Why some assets don’t appear & how to fix it.

✅ Running an Authenticated Scan via Virtual Scanner Appliance – A deeper dive into scanning techniques.

✅ Key Fixes:
🔹 Firewall & network settings adjustments.
🔹 Enabling File & Printer Sharing, WMI, and Remote Registry.
🔹 Disabling UAC (User Account Control) for authentication.

After implementing these fixes, assets were successfully discovered and prepared for the next stage of scanning. Stay tuned for Session 10, where we’ll analyze the scan results in detail! 🚀
________________________________________
📢 Stay Connected & Keep Learning!
🔹 Subscribe & Hit the Bell Icon 🔔 – Never miss an update!
🔹 Like & Share – Spread the knowledge!
🔹 Drop a Comment Below – Have questions? Let’s discuss!

#qualys #vulnerabilitymanagement #cybersecurity #vmdr #threatdetection #cloudsecurity #pentesting #siem #soc #firewall #riskmanagement #compliance #devsecops #itsecurity