Start Cloud CertView scans

Launch Cloud CertView scans and start getting up to date view on your certificates and security posture for your AWS EC2 hosts using Qualys Certificate View!

Note that the Cloud CertView scan option will be visible only if CertView is turned on in your subscription.

Pre-requisites

Before you launch Cloud CertView scans you must activate EC2 Assets for CertView Scanning. Once you create an EC2 connecter in AssetView, EC2 assets will be activated automatically to scan CertView Scanning application.

To create an EC2 scanner:

1) Go to AssetView > Connectors > AWS > Create EC2 Connector. In the Tags and Activation tab select the option: Automatically activate all assets for CertView Scanning application

2) Since this option has to go hand in hand with vulnerability scanning we will pre-select the "Automatically activate all assets for VM Scanning application" option for you.

Create new EC2 connector in asset view

Let’s launch a Cloud CertView scan

 

New Cloud CertView Scan option

Be sure to create the EC2 connector for the EC2 assets you wish to scan to your CertView license (under Assets > Host Assets).

Note: If Asset Group Management Service (AGMS) is enabled for your subscription, you will see the Address Management tab instead of Host Assets. To understand the changes that happen when AGMS is enabled for your subscription, refer to Introducing AGMS.

Then go to Scans > Scans > New > Cloud CertView Scan (or Schedule Cloud CertView Scan).

Click here for help with scheduling

General information to launch cloud certview scan

Choose your scan settings.

We recommend the Initial Options profile to get started. You can easily configure a profile with the various scan options, i.e. what ports to scan, whether to use authentication, and more.

Choosing an option profile

CertView scans always use these QIDs. Refer to 

Vulnerability tests (QIDs) for CertView scans

 

 

 

Target hosts to launch cloud certview scan

Select the EC2 connector you created in AssetView and choose an EC2 Platform and Region.

 

If you want you can also choose specific assets and asset tags to scan.

Scanner appliance to launch cloud certview scan

Choose a Scanner Appliance that can connect to the EC2 instances.

 

You can also set notifications if required to inform you once the scan is finished.

 

That's it - just click Launch and you're done!  

       

Scans list with scan status

You’ll see your scan in the scans list.

Scan Finished, Results Processed Icon - Results are processed and available in your account

Scan Finished, Results Not Processed Icon - Scan is completed but the results are not processed. Go to Filters > Processing Tasks to see the status.

Check out Certificate View

 

Choose Certificate View from the app picker.

Your Certificate View dashboard gives you all info relevant to you about your certificates, host configurations and vulnerabilities.

Sample Certificate View dashboard