Run Scan from Qualys Cloud Agent

Using Qualys Cloud Agent, you can retrieve the leaf certificate present on your target machine in the registry or certificate manager console. Qualys Cloud Agent scans the certificates, and you get the certificate details. For more information on installing the Cloud Agent, refer to Qualys Cloud Agent for Windows guide.

Pre-requisites

• Contact your Technical Account Manager or Qualys Support to activate this feature. 

• Install Windows Agent.

• Currently, Certificate View supports Windows Agent only.
• Certificate View displays certificates that are installed on the Windows machine only.

Following are the steps to run scans from Qualys Cloud Agent:

1. Download the Cloud Agent installer.

2. Install the Cloud Agent.

3. View the Certificates in the Certificate Tab.

Follow these steps for detailed procedures:

Download the Cloud Agent Installer.

1. Log into the Qualys Cloud Platform and select CA for the Cloud Agent application.
2. Choose an activation key (create one if needed) and select Install Agent from the Quick Actions menu.

   To create an activation key.

   Go to Cloud Agent > Agent Management > New Key.

   - You can also generate New Key from the Activation Keys tab.

   - Provide a Title, select the Vulnerability Management module from Provision Key for these applications section, and click Generate.

   

3. Click Install instructions next to Windows (.exe).

   

   The Cloud Agent installer is downloaded to your local system, and in the UI, you can see the associated Activation key ID and Customer ID.

4. Copy and paste this to a safe place; you need it to complete the installation manually or through software distribution tools.

   For more details on activation keys, refer to Manage Activation Keys.

Install the Cloud Agent.

1. Copy the Qualys Cloud Agent installer onto the host where you want to install the Cloud Agent.

2. Run the command or use a systems management tool to install the Cloud Agent as per your organization's standard process to install the software.

> QualysCloudAgent.exe CustomerId={xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx} ActivationId={xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} WebServiceUri=<platform_url>/CloudAgent/

Once installed, the Qualys Cloud Agent connects to the Qualys Cloud Platform and provisions itself.

The Qualys Cloud Agent is now listed in the Agents tab.

By default, the Qualys Cloud Agent runs the scan every 4 hours, and you can view the scans performed in the Certificates tab of Certificate View.

You can create a customized Configuration Profile and assign the profile to your Cloud Agent. For more details on assigning configuration profiles, refer to Cloud Agent Online help.

View the Certificates in Certificates Tab.

You can use a search query to find the certificates that are scanned through VM (Vulnerability Management) or Qualys Cloud Agent.

For example, instance:(sources: QAGENT)

To view the certificate details, go to View Details from the Quick Actions menu. Go to the Hosts tab.

You can view the details of assets with sources as VM or Qualys Agent. The certificate scanned through VM has  icon. The certificate scanned through Qualys Agent has  icon.

Cloud Agent scans do not support remote discovery, and hence the discovery of ports, protocols, services, grade, and grade summary are shown empty for certificates scanned through Qualys Agent.

QID is the unique Qualys ID number assigned to the vulnerability. A set of SSL certificate QIDs is always used for CertView scans. For QID details,  refer the following topic  Vulnerability tests (QIDs) for CertView Scans   

To know more about running and scheduling CertView scans from VM/VMDR, go to VM/VMDR > Scans > Scans and look up CertView scans in the VM Online help.