Threat Detection and Prioritization Phase
VMDR focuses on threat indicators in this phase and prioritizes the riskiest vulnerabilities. This phase leverages you with remediation techniques like-
- Age, RTI, and Attack Surface, or
- Qualys TruRiskTM Mode
Based on any of the remediation techniques you select, the prioritization report gives you the details of Prioritized Assets, Prioritized Vulnerabilities, and Available Patches. This detailed information ensures that fixing vulnerabilities becomes a simplified task. You can save and download the report or export it to the Dashboard.
The following screenshot is an example of the Prioritization tab that has Qualys TruRisk Mode enabled in the Qualys Cloud Platform UI:
Prerequisites for Generating VMDR Prioritization Report
- You have gathered the vulnerability posture for the assets. You could build your asset inventory using Cloud Agents or other methods such as Scanners, Passive Sensors, Cloud Inventory, Container Inventory, and Mobile Device Inventory.
- You have the Create Report global permission for your user role. Contact your manager if you do not have adequate permissions.
Additional Resources
- Prioritize using Age, RTI, and Attack Surface
- Prioritize using Qualys TruRisk
- Reading the VMDR Prioritization Report