Prioritize using Age, RTI, and Attack Surface
Qualys offers you an option to prioritize and remediate vulnerabilities based on filters like Age, Real-Time Threat Indicators (RTI), and Attack Surface.
Perform the following steps to generate Prioritize report using Age, RTI, and Attack surface parameters:
- In the Prioritization tab, click Reports.
- Click Start Prioritizing.
- Select at least one Asset tag to display the prioritized list of vulnerabilities associated with the assets.
- Click
to proceed with Prioritization. Show meShow me
- In the Asset Tags section, from Include and Exclude menu, select one of the following options:
- Any: to include or exclude all assets that might have any of the selected tags
- All: to include or exclude only those assets which have all the selected tags
- Select Detection or Vulnerability in the Age bar graph
- Detection: is based on when the vulnerability was first detected (by a scanner or cloud agent). Select detection age ranges (0-30, 31-60, etc.) to include in the report. For example, select 180+ to prioritize vulnerabilities that have been active in your environment the longest.
- Vulnerability: it is the number of days since the vulnerability was disclosed. Select detection age ranges (0-30, 31-60, etc.) to include in the report. For example, select 0-30 to include the vulnerabilities that have been recently disclosed.
- In the Real-Time Threat Indicators (RTI) parameter, select the indicators from the Potential Impact or Active Threats. You can toggle between the options Match Any (logical OR) and Match All (logical AND) for the selected RTI filters.
-
In the Attack Surface parameter, select the filters to remove vulnerabilities from the report that are not the highest priority.
For information about Attack Surface, see the Attack Vectors

-
Click Prioritize Now to enable the threat intelligence to prioritize the riskiest vulnerabilities on your network for the assets you selected.

Once you generate the report, you could proceed with patching the vulnerabilities (if the Patch Management application is enabled in your subscription), export the report in the form of a widget to your dashboard, or download the report in CSV format.
A patch job can contain only 50 asset tags in a single job. Ensure that you modify the Prioritization Report to patch the vulnerabilities.
Related Topics