Using Vulnerability and Patches Tokens in Combination to Create Windows Job

Use the vulnerability and patch tokens in combination to define criteria to create a QQL-based Windows job. Looking for help with writing your query? click here

Patches Tokens

Vulnerabilities Tokens

Patches Tokens

appFamily

architecture

bulletin

Vulnerabilities Tokens

Use these tokens to define search criteria for vulnerabilities. You must have a subscription to VMDR app to use these tokens.

vulnerabilities.firstFound

vulnerabilities.hostAssetName

vulnerabilities.hostOS

vulnerabilities.found

vulnerabilities.detectionScore

vulnerabilities.disabled

vulnerabilities.lastFixed

vulnerabilities.lastFound

vulnerabilities.nonExploitableConfig

vulnerabilities.nonRunningKernel

vulnerabilities.ssl

vulnerabilities.port

vulnerabilities.protocol

vulnerabilities.ignored

vulnerabilities.instance

vulnerabilities.severity

vulnerabilities.status

vulnerabilities.typeDetected

vulnerabilities.vulnerability.authTypes

vulnerabilities.vulnerability.bugTraqIds

vulnerabilities.vulnerability.category

vulnerabilities.vulnerability.compliance.description

vulnerabilities.vulnerability.compliance.section

vulnerabilities.vulnerability.compliance.type

vulnerabilities.vulnerability.impact

vulnerabilities.vulnerability.cveIds

vulnerabilities.vulnerability.cvss3_1Info.temporalScore

vulnerabilities.vulnerability.cvss3_1Info.baseScore

vulnerabilities.vulnerability.cvss2Info.accessVector

vulnerabilities.vulnerability.cvss2Info.baseScore

vulnerabilities.vulnerability.cvss2Info.temporalScore

vulnerabilities.vulnerability.discoveryTypes

vulnerabilities.vulnerability.flags

vulnerabilities.vulnerability.os

vulnerabilities.vulnerability.patchAvailable

vulnerabilities.vulnerability.pci

vulnerabilities.vulnerability.rebootRequired

vulnerabilities.vulnerability.qid

vulnerabilities.vulnerability.sans20Categories

vulnerabilities.vulnerability.solution

vulnerabilities.vulnerability.supportedBy

vulnerabilities.vulnerability.title

vulnerabilities.vulnerability.vendorRefs

vulnerabilities.vulnerability.vendors.productName

vulnerabilities.vulnerability.vendors.vendorName

vulnerabilities.nonExploitableKernel

vulnerabilities.nonExploitableService

vulnerabilities.vulnerability.patchReleased

vulnerabilities.timesFound

vulnerabilities.vulnerability.kbAge

vulnerabilities.detectionAge

vulnerabilities.vulnerability.description

vulnerabilities.vulnerability.lists

vulnerabilities.vulnerability.published

vulnerabilities.vulnerability.ransomware.name

vulnerabilities.vulnerability.risk

vulnerabilities.vulnerability.qualysPatchable

vulnerabilities.vulnerability.criticality

vulnerabilities.vulnerability.updated

vulnerabilities.vulnerability.mitre.attack.tactic.id

vulnerabilities.vulnerability.mitre.attack.tactic.name

vulnerabilities.vulnerability.mitre.attack.technique.id

vulnerabilities.vulnerability.mitre.attack.technique.name

vulnerabilities.vulnerability.mitre.attack.tactic.id:TA0001

vulnerabilities.vulnerability.mitre.attack.tactic.id:TA0002

vulnerabilities.vulnerability.mitre.attack.tactic.id:TA0003

vulnerabilities.vulnerability.mitre.attack.tactic.id:TA0004

vulnerabilities.vulnerability.mitre.attack.tactic.id:TA0005

vulnerabilities.vulnerability.mitre.attack.tactic.id:TA0006

vulnerabilities.vulnerability.mitre.attack.tactic.id:TA0008

vulnerabilities.vulnerability.mitre.attack.tactic.id:TA0009

vulnerabilities.vulnerability.mitre.attack.tactic.id:TA0040

RTIs

Use these tokens for searching Real-Time Threat Indicator (RTI) related vulnerabilities. You must have a subscription to the Threat Protection app to use these tokens.

vulnerabilities.vulnerability.threatIntel.activeAttacks