Asset Details
Under the Vulnerabilities tab, select Asset to view the assets in your inventory. You can also use the various metadata filters, Group by options, and custom query capabilities.
Following are some of the columns listed on the Assets page:
-
Criticality:- The Criticality column lists the criticality score of your assets. This score is termed an Asset Criticality Score (ACS) and can be between 1 to 5. For more information, refer to Understanding Asset Criticality Score.
-
TruRisk ScoreTM :- The TruRisk ScoreTM column displays the overall risk score assigned to the asset. For more information about TruRisk, refer to Prioritize Vulnerabilities using Qualys TruRiskTM .
-
Sources: The Sources column displays the list of scanned assets and the type of scan performed on them.
-
Tags:- The Tags column displays the tags attached to the assets. or more information about adding tags to list in the Tags column, refer to Add Tags.
-
Download Asset Search Results:- To share the asset results with other users, download the search results in CSV format to your local systems. Perform the following steps to download a CSV report for Asset Details:
1. Click the download button.
2. By default all the Asset Details are selected in the Download formats window. You can uncheck the details that you do not want in the CSV report.
3. Click Download.
The download for detections is limited to 50,000 records across all assets. For a single asset, if more than 500 detections are reported, the download is limited to its first 500 detections.
View Asset Details
From the Name column select the Asset Name to view the complete information of the asset.
-
Asset Summary:- Click the asset name link (or choose View Asset Details from the Quick Actions menu). You will see a comprehensive asset view with many up-to-date details. You can rename an asset and configure the asset name for automatic updates. Refer Auto-update of Asset Names for more information.
-
TruRisk Score:- The TruRisk Score page displays the TruRisk Score and its Contributing Factors of the TruRisk Score. The Contributing Factors of the TruRisk Score are:
- Business Criticality:- It is the Asset Criticality Score (ACS) of the asset. the range is between 1 to 5.
- Asset Exposure:- It displays the name of external tags. This contributing factor is displayed only if any external tag is associated with the asset.
- Top Risk Factors:- It displays the risk criteria of the vulnerability detected on the asset. Top Risk Factors consists of factors such as CISA Known Exploitable, Associated Threat Actors, Associated Malware, and Weaponized Vuln
The Risk Calculation explains the formula that is used to calculate the TruRisk Score.
The TruRisk Score page also displays the list of Vulnerabilities that are by default sorted in descending order based on the Qualys Detection Score (QDS).
Optionally, you can edit the vulnerability.detectionScore token in the query search bar. Click the value in the QDS column, and you will be redirected to the QDS Details page of the Vulnerability field. Refer, Vulnerability Details to view the information displayed on the QDS Details page.
-
Vulnerabilities:- The Vulnerabilities page gives you an interactive summary of vulnerabilities on the asset.
Perform the following steps to view the list of all vulnerabilities by severity:
- In Vulnerabilities by Severity section, select the severity. The Confirmed Vulnerabilities and Potential Vulnerabilities display the result according to your severity selection.
- In the Detections by Status section you can click on the Active, New, Reopened, and Fixed detections. Clicking on any of these detection scores will redirect you to the associated vulnerabilities list.
The Detection by Status is based on the Date selection and Vulnerability by Severity. If an asset does not have data within the selected time, the scores in the Detection by Status will appear as 0.
See the following tutorial to learn how to view asset data collected by agents and scanners: