Highest Voted 'qualys' Questions

0

votes

1 answer

Microsoft defender for cloud gives Findings have not been received yet for the VM message

I have created a Windows VM in azure and have added the WindowsAgent.AzureSecurityCenter extension and Microsoft.Compute/virtualMachines/providers/serverVulnerabilityAssessments through ARM template while creating the VM. Now under the Machines…

asked Sep 22 '22 at 07:40

DevMJ

331
1
5
17

0

votes

1 answer

API downloading CSV File thru Jmeter shows different File Size & content

Hi can someone help me check why I'm getting different CSV file content upon downloading thru Jmeter? Your response is highly appreciated. Thank you so much in advance. Sample Download thru Manual click File Format & Size Fiddler Request…

api csv jmeter response qualys

asked Jun 02 '22 at 11:30

Ralph

105
7

0

votes

1 answer

Runnng Qualys API call in Python and response not getting returned without error

Rookie Coder here, I was able to successfully run the following API call using Curl: username and password have been sanitized for security purposes curl -H "X-Requested-With: Curl Sample" -u "username:password" …

python api curl qualys

asked Mar 08 '22 at 05:43

WadeAlex

1
1

0

votes

1 answer

How to get error message content from console?

I have the following text as log output (to the python console), when running a script agains the Qualys API and would like to parse the content of in the error message ("Error! Received A 4xx...)from there. I am using the qualysapi modul. Based on…

python-3.x error-handling stdout qualys

asked Nov 20 '21 at 17:23

Gergo Peltz

29
6

0

votes

1 answer

Fixing/hiding Path Based Vulnerabilities in WordPress

I have a WordPress site that I manage. I recently received a Qualys vulnerability security scan (non-authenticated scan) that has a large number of "Path Based Vulnerability" findings. Almost all of the paths listed follow this…

wordpress security qualys

asked May 03 '21 at 22:49

jason

3,821
10
63
120

0

votes

1 answer

Terraform script for getting IP addresses for all GCP projects in my organisation

I want to scan all the IP addresses on my organization's GCP account and feed it to a file every week or so. How do I write a Terraform script/code to pull those data from GCP and then send it to the Qualys API for scanning?

google-cloud-platform terraform-provider-gcp spring-cloud-gcp qualys

asked Mar 01 '21 at 23:48

Charan Teja

17
6

0

votes

0 answers

How to resolve path-relative stylesheet import (prssi) vulnerability fix on ASP.Net MVC legacy Application

We have a ASP.Net MVC 4, C# legacy internal application and recently when analyzing vulnerabilities on Production using Qualys Express scanner and we found below issue and recommends as well. vulnerability -: Path-relative stylesheet import…

css asp.net asp.net-mvc qualys

asked Feb 08 '21 at 06:32

lochana

121
3
15

0

votes

1 answer

How to prevent SQL injection using C# mongodb driver?

I am using C# Mongodb driver to insert / update data in Mongodb. I have scanned my web api through "Qualys" and this was getting inserted in one my field called "createdOn" and I have provided sample data below. 1. Central Pacific Standard Time +…

mongodb-.net-driver qualys nosql-injection

asked Jul 29 '20 at 14:27

Aravinth

11
5

0

votes

1 answer

Slow Post Vulnerability (R U Dead Yet) - Express.js - data rate limit Solution?

I am trying to solve the issue of Slow Post Vulnerability on my application. Issue: https://blog.qualys.com/securitylabs/2011/07/07/identifying-slow-http-attack-vulnerabilities-on-web-applications To limit the number of connections from a user, I…

node.js express security qualys

asked Jun 24 '20 at 23:35

Harshit Kushwaha

73
9

0

votes

0 answers

Why is my converted postman powershell code returning empty brackets?

I am able to successfully leverage postman for an API call I am making to qualys but now I am attempting to convert it into powershell, or powershell ISE, and I get all these empty brackets and am not sure how to troubleshoot or understand these…

powershell api postman powershell-ise qualys

asked May 13 '20 at 15:19

Greg Gelman

11
4

0

votes

0 answers

How to stop shell command injection in spring

We have got few security holes reported in our Qualys report which says that commands can be injected using a url as below. /adc/Acc?sort=popular%26q=%3Apopular%3Aall%3A~WATCHES%26show=ping%20-c2%20-i91%20localhost Here the security team was…

spring shell spring-security sap-commerce-cloud qualys

asked Feb 06 '20 at 07:50

antnewbee

1,779
4
25
38

0

votes

3 answers

Qualys API Integration with Python

Having spent the past few days trying to get the Qualys API to work with python, I am usually running into errors such as 401 and errors of that sort, due to the fact that python code examples say they are unsupported. Since Qualys API is written…

python api curl qualys

asked Jul 17 '18 at 14:20

Singha22

1
2
6

0

votes

2 answers

Need a valid certificate for AWS Windows EC2 instance. Does Amazon Certificate manager provide certificates for EC2?

I am running a Qualys scan on a Windows EC2 instance and it reports some vulnerabilities. One of them is "SSL Certificate - Subject Common Name Does Not Match Server FQDN". Solution for this, as recommended by Qualys, is to "Please install a server…

amazon-web-services qualys

asked Mar 12 '18 at 07:22

D Modak

1
2

Questions tagged [qualys]