Attackers can exploit vulnerabilities while you are still reviewing, prioritizing, and patching everything that has been reported. Qualys VMDR with TruRisk offers risk-based vulnerability management with unique insights into an organization's outlook to prioritize its most critical threats.
Qualys TruRisk vulnerability management includes features like:
- intelligence-driven vulnerability severity scoring.
- detecting the location of asset vulnerabilities, including their business and operational criticality, association with business-critical applications, context about the asset's exposure to attack, and more.
Qualys TruRisk mode provides data for Asset Criticality, Qualys Detection Score (QDS), and TruRisk Score. This mode helps prioritize Assets or Vulnerabilities based on risks generated in the result.
1. In the Prioritization tab click Reports.
2. Click Start Prioritizing.
3. Select at least one Asset tag to display the prioritized list of vulnerabilities associated with the assets.
4. Click to proceed with Prioritization.
5. In the Asset Tags section, from Include and Exclude menu, select one of the following options:
- Any: to include or exclude all assets that might have any of the selected tags
- All: to include or exclude only those assets which have all the selected tags
6. Toggle the Qualys TruRisk Mode to enable it.
By default, the result displays the highest value of Asset Criticality and the Qualys Detection Score.
7. You can select the range of Asset Criticality (1-5) using the Asset Criticality bar graph. The highest score is considered if multiple tags are assigned to the asset.
For more information, see Understanding Asset Criticality Score
8. You can select the range of Risks (Low-Critical) in the Qualys Detection Score (QDS) bar graph. The generated risk scores prioritize the assets and vulnerabilities.
For more information, see Understanding Qualys Detection Score
Note: Any change in the asset will update the QDS and TruRisk calculation after an asset scan.
For example, the asset criticality score of an asset is 4, but if multiple tags are assigned to an asset and the asset criticality score changes to 5, the changes will be updated in the next scheduled asset scan. For more information about Scanning, see Scan for Vulnerabilities
9. You can select the TruRisk Score from the pie chart. TruRisk Score helps you prioritize your vulnerabilities based on the risk to your assets and not just the technical severity.
The TruRisk Score ranges from 0 to 1000 and is divided as follows:
- Severe: 850-1000
- High: 700-849
- Medium: 500-699
- Low: 0-499
The highest score is assigned as the Asset Criticality Score if an asset is associated with multiple asset tags.
For more information, see Understanding TruRisk Score
10. Click Prioritize Now to enable the threat intelligence to prioritize the riskiest vulnerabilities on your network for the assets you selected.
Once you generate the report, you can proceed with patching the vulnerabilities (if the Patch Management app is enabled in your subscription), export the report in the form of a widget to your dashboard, or download the report in CSV format.
Note: A patch job can contain only 50 asset tags in a single job. Ensure that you modify the Prioritization Report for patching the vulnerabilities.
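The selection rules in the steps above (Any/All tag matching, highest criticality across tags, TruRisk bands, and the 50-tag patch job limit) can be modeled offline to sanity-check what a given filter should return. This is an added example, not Qualys code and not a call to any Qualys API; the `Asset` record, function names, and sample inventory are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# TruRisk Score bands as listed on this page (inclusive bounds).
BANDS = [("Severe", 850, 1000), ("High", 700, 849), ("Medium", 500, 699), ("Low", 0, 499)]
MAX_TAGS_PER_PATCH_JOB = 50  # limit stated in the patch job note

@dataclass
class Asset:  # hypothetical record shape, not a Qualys export schema
    name: str
    tag_criticality: dict  # tag name -> Asset Criticality (1-5) set on that tag
    trurisk: int
    @property
    def criticality(self) -> int:
        # With multiple tags on an asset, the highest criticality applies.
        return max(self.tag_criticality.values())

def band(score: int) -> str:
    for label, low, high in BANDS:
        if low <= score <= high:
            return label
    raise ValueError(f"TruRisk score out of range: {score}")

def tag_match(asset: Asset, tags, mode: str) -> bool:
    # Any: asset has at least one selected tag. All: asset has every selected tag.
    have, tags = set(asset.tag_criticality), set(tags)
    return bool(tags) and (bool(have & tags) if mode == "any" else tags <= have)

def select(assets, include, include_mode="any", exclude=(), exclude_mode="any",
           crit_range=(1, 5), bands=("Severe", "High", "Medium", "Low")):
    picked = [a for a in assets
              if tag_match(a, include, include_mode)
              and not tag_match(a, exclude, exclude_mode)
              and crit_range[0] <= a.criticality <= crit_range[1]
              and band(a.trurisk) in bands]
    return sorted(picked, key=lambda a: a.trurisk, reverse=True)

def patch_job_batches(tags):
    # Assumption: one patch job per batch of at most 50 tags.
    tags = sorted(set(tags))
    return [tags[i:i + MAX_TAGS_PER_PATCH_JOB]
            for i in range(0, len(tags), MAX_TAGS_PER_PATCH_JOB)]

# Constructed sample inventory.
ASSETS = [
    Asset("web-01", {"prod": 5, "dmz": 4}, 910),
    Asset("db-01", {"prod": 5}, 720),
    Asset("dev-07", {"dev": 2, "dmz": 4}, 640),
    Asset("lab-03", {"dev": 2}, 300),
]
```

For instance, `select(ASSETS, {"dev"}, crit_range=(4, 5))` keeps `dev-07` because its `dmz` tag raises its criticality to 4, while `lab-03` stays at 2 and is filtered out.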
Reading the VMDR Prioritization Report