0 Replies Latest reply on Oct 2, 2015 1:09 PM by Akbar Aziz

    Windows Patch Catalog Filters for Qualys Remediation

    Akbar Aziz

      I have been playing with the new SecOps integration with Qualys and wanted to share this bit of information on how my catalog filter is set (which was changed to match the Qualys results) in BSA 8.7. I have attached the before and after reports from Qualys to show the results of vulnerabilities detected after the changes were implemented, scanned and remediated.

       

      Filter Settings:

      Before
      Microsoft Windows 2003
      Microsoft Windows 2008
      Microsoft Windows 2012
      .NET Framework
      Internet Explorer
      Visual Basic for Applications
      MSXML

       

      Windows Patching Job Analysis Results:

      Before.png

       

      After
      Microsoft Windows 2003
      Microsoft Windows 2008
      Microsoft Windows 2012
      .NET Framework
      Internet Explorer
      Visual Basic for Applications
      MSXML
      MDAC Components
      IIS

       

      Windows Patching Job Analysis Results:

      after.png

       

      There will be differences on servers that are scanned and remediated so you will have to test this out in your environment to find which filters work best.

       

      Below is a historical view from Qualys of what the server looked like before and then after the patches were applied using BSA.

       

      Vulnerabilties over time.png