Organizing Assets in Qualys Subscription

Here are some best practices and tips for organizing assets and thereby securing your GCP infrastructure by using Qualys applications.

Setting up Qualys Configurations

Asset Groups - Organize assets into meaningful groups and assign them to sub-users. Asset groups are required when you have multiple user roles such as Scanner, Reader, and Unit Manager (if business units are defined). The same IP address can be included in multiple asset groups.

Business Units - Organize users and assets into business units to match your organization. This allows Managers to grant users role-based permissions in the context of their assigned business unit. The same IP address can be included in multiple business units.

Networks - Organize discrete private IP networks to keep overlapping IP blocks separate. When configured, Qualys tracks IPs by network and IP address.

An IP address must be unique to your subscription or a single network.

Removing Terminated Virtual Machines- You can remove terminated virtual machines from your Qualys account. Go to VM/VMDR or Policy Compliance > Assets > Asset Search and select the assets with tracking method as IP address. You could also add more parameters to refine your search such as Last Scan Data not within the past <value> days.

Click Search and then select the assets from the results. From the Actions drop-down, select Purge. This results in the removal of assets along with their associated data from the module.