View Risk Findings

Risk management is a critical framework designed to safeguard organizational assets, maintain uninterrupted operations, and defend your organization's reputation against cyber threats. It involves identifying vulnerabilities and misconfigurations, monitoring them, and mitigating the threat. This section explains the Findings Overview and the listings of Vulnerability and Misconfiguration findings.

Findings Overview

The Risk Management tab in ETM gives you an overview of Findings categorized as Vulnerabilities and Misconfigurations. The following screenshot displays the Findings Overview:

Findings overview.

Vulnerabilities Findings

To view the vulnerabilities detected on your assets, navigate to the Risk Management > Findings page and select Vulnerability. You can also use various metadata filters, Group By options, and custom query capabilities. The following vulnerability data is listed on the Findings page:

  • CVE ID: Lists the unique identifier assigned to the vulnerability or exposure. Clicking on it will redirect you to the National Vulnerability Database (NVD) webpage.
  • Title: This column lists the vulnerabilities detected on the assets. By clicking the Finding Name, you will be redirected to the Finding Summary page.
  • QDS: This column lists the score assigned to the Qualys detection, ranging from 1 to 100, and is categorized into four severity levels. For more information, refer to Understanding Qualys Detection Score.
  • Sources: The Sources column lists the Connectors represented by the Connector icon. It represents the name of the source from where the findings were ingested.
  • Last Detected: When a Finding is detected for the first time, its detection date is shown as First Detected. If the same Finding is not detected again, its Last Detected date is the same as First Detected.
  • Asset: The Asset column shows the asset name on which the vulnerability was detected. Clicking the asset name will allow you to view its details.

    The following Vulnerabilities screenshot under the Risk Management > Findings tab highlights its columns:

    Vulnerability findings tab.

View Vulnerability Finding Details

  • From the CVE ID column, click the CVE to view the complete CVE information.
  • Click View Details from the Quick Actions menu to view the following details for the specific vulnerability:

    Quick actions.
  • Summary: Displays the basic details, status, QDS, severity, and description of the vulnerability, and the details of the asset on which the vulnerability is detected.
  • QDS Details: Displays the QDS contributing factors for the vulnerability:

    • Highest Contributing CVE: Click the CVE number, and the Additional Insights section displays the Technical Attributes, Recency, and Remediation.
    • Associated Malware and Threat Actors: Click the Malware count to view the data in the Additional Insights section.
    • Exploitability: Displays the date when the exploitability recently trended. The Recency section of the Additional Insights graph displays the time when the CVE trended.
    • Additional Insights: When you click Additional Insights, it displays more information about the vulnerability's Technical Attributes, Temporal Attributes, Trending, and Remediation.
  • Detection Details: This section specifies:
    • The detection rationale, which is the logic of how a security vulnerability is identified.
    • Vulnerability impact and remediation guidance to fix the vulnerability.
  • Exploitability: A list of known exploits for the vulnerability.
  • Patches: A list of patches available for the vulnerability.
  • Malware: A list of malware associated with the vulnerability.
  • Sources: If the same vulnerability is detected from multiple sources on the same asset, this section displays the aggregated record created based on the merge rules, along with the individual source records showing each source from which the vulnerability is detected.

Search Vulnerabilities

  1. Choose Vulnerability to display vulnerability data or Asset for asset data. You can easily browse the data list and explore details. For example, click CVE-2021-40438 to view details for that vulnerability.
  2. The Group By option helps you organize your data. For example, you can select Group By Severity and then click any value listed in the Detection Count column to view the list of assets with the assigned severity.
  3. Use Quick Filters located in the left navigation. The Quick Filters option lets you choose the type of vulnerabilities to filter the vulnerabilities further.
  4. Use the filter. The filter option lets you choose the type of vulnerabilities to exclude from the data list.
  5. Use search tokens to filter vulnerabilities further.

Misconfiguration Findings

To view the misconfigurations detected on your assets, navigate to the Risk Management > Findings page and select Misconfiguration. You can also use Group By options and custom query capabilities. The following misconfiguration data is listed on the Findings page:

  • Title: This column lists the misconfigurations detected on the assets.
  • QDS: This column lists the score assigned to the Qualys detection, ranging from 1 to 100, and is categorized into four severity levels. For more information, refer to Understanding Qualys Detection Score.
  • Sources: The Sources column lists the Connectors represented by the Connector icon.
  • Last Detected: When a Finding is detected for the first time, its detection date is shown as First Detected. If the same Finding is not detected again, its Last Detected date is the same as First Detected.
  • Impacted Asset: The Impacted Asset column shows the asset name on which the vulnerability was detected. Clicking the asset name will allow you to view its details.

    The following Misconfigurations screenshot under the Risk Management > Findings > Misconfigurations highlights its columns:

    Misconfiguration tab.

View Misconfiguration Finding Details

Click View Details from the Quick Actions menu to view the following details about a specific misconfiguration.

Misconfiguration quick actions.

  • Summary: Displays the basic details, reference ID, status, QDS, severity, and description of the misconfiguration, and the details of the asset on which the misconfiguration is detected.

  • QDS Details: Displays the QDS contributing factors for the misconfiguration:

    • Highest Contributing CVE: Click the CVE number, and the Additional Insights section displays the Technical Attributes, Recency, and Remediation.
    • Associated Malware and Threat Actors: Click the Malware count to view the data in the Additional Insights section.
    • Exploitability: Displays the date when the exploitability recently trended. The Recency section of the Additional Insights graph displays the time when the CVE trended.
    • Additional Insights: When you click Additional Insights, it displays more information about the vulnerability's Technical Attributes, Temporal Attributes, Trending, and Remediation.
  • Detection Details: This section specifies:
    • The detection rationale, which is the logic of how a security vulnerability is identified.
    • Misconfiguration impact and remediation guidance to fix the misconfiguration.
  • Additional Details: Additional details about the control/CSAM rule and policy that is evaluated on an asset. It is supplementary information that provides further context about the policy and control.
  • MITRE ATT&CK: MITRE Tactics and Techniques associated with the control that is evaluated on an asset.
  • Sources: If the same misconfiguration is detected from multiple sources on the same asset, this section displays the aggregated record created based on the merge rules, along with the individual source records showing each source from which the misconfiguration is detected.

Search Misconfigurations

Search misconfigurations.

  1. Choose Misconfiguration to display misconfiguration data or Asset for asset data. You can easily browse the data list and explore details. For example, click the Title: EOS: Google Chrome 84.0.4147.125 Stable Channel to view details for that misconfiguration.
  2. The Group By option helps you organize your data. For example, you can select Group By Severity and then click any value listed in the Detection Count column to view the list of assets with the assigned severity.
  3. Use Quick Filters located in the left navigation. The Quick Filters option lets you choose the type of misconfigurations to filter the misconfigurations further.
  4. Use search tokens to further filter the data list.