You can select multiple vulnerability search criteria like severity level, category, patch availability, etc, and then save your selections as a dynamic search list. Each time you use the list, the application searches the KnowledgeBase to find all the matching QIDs and include them in your action. By using a dynamic list you get all the matching QIDs including QIDs newly added to the KnowledgeBase.
You can find the search list tab in three tabs: Scans, Reports, and KnowledgeBase.
Here are a few ways you can use dynamic search lists:
- Create a dynamic list for an up-to-date Microsoft patch Tuesday scan report, scan option profile, and remediation rule.
- Create a dynamic list of QIDs flagged for PCI compliance.
- Create a dynamic list of QIDs for a particular vendor or product, such as Apache, Cisco, Microsoft, or Sendmail.
- Create a dynamic list of QIDs that are remotely exploitable on the .net framework.
- Create a dynamic list of QIDs that have a particular CVSS or CVSS v3.1 score.
- Create a dynamic list of QIDs that are supported by the Agent. Learn more.
- Create a dynamic list of custom QIDs that are created using CAR script. Learn more about custom QID.
- Create a dynamic list of required CVE IDs. For a large list of CVE IDs, we recommend using the Dynamic Search List API since the UI is limited in the number of characters you can enter. Refer to the API User Guide for more information.
For details on how to create a dynamic list, refer to the topic Configure Search Lists.
You can easily report on Real-Time Threat Indicators (RTIs) using dynamic search lists.
Important - RTI options are only available to users with Threat Protection enabled for their subscription.
Create a new dynamic search list and select the threat indicators you're interested in. Then add this search list to your scan report templates. Your reports will include QIDs that match *any* of the selected values.
To learn more about threat indicators, please refer to the following article: