Import additional metadata for vulnerability items (VI) to filter vulnerabilities based on the impact on a kernel or service.

Before you begin

Role required: sn_vul.vulnerability_admin or sn_vul.admin (deprecated)

Procedure

  1. Navigate to All > Vulnerability Response > Administration > Setup Assistant.
  2. Under Integration Configuration, click Scanner Integrations.
  3. Under Installed Application, click Edit for the Qualys application.
  4. Click Host Detection Configuration.
  5. Navigate to Import Additional Metadata for Detections.
  6. To import additional metadata from Qualys, manually select any of the following check boxes that you need.
    • Kernel Metadata: Identifies vulnerabilities found on running or non-running Linux kernels.

      If the value of the returned metadata is No, it means the vulnerability is not exploitable due to a non-running kernel. For information on the retrieved values, see Qualys metadata values for vulnerabilities.

    • Service Metadata: Identifies vulnerabilities found on running or non-running ports or services.
    • Exploitable Configuration Metadata: Identifies vulnerabilities that may or may not be exploitable due to the current host configuration.
    Note: By default, these check boxes are not selected.
  7. Run the Qualys Host Detection Integration with a backdate.
    For more information on how to set the start date, see Optional Qualys modifications.

Result

The metadata has been imported.

What to do next

To view the imported metadata, enter sn_vul_detection.list in the Filter Navigation. The Vulnerable Item Detections list is displayed. For more information on the values displayed in the newly added columns, refer to Qualys metadata values for vulnerabilities.