Independent author Tim Proffitt wrote his thesis, as part of his GIAC certification requirements, on how large companies should implement a Vulnerability Assessment Program using QualysGuard. The white paper is hosted in the SANS Institute Reading Room and is provided by SANS as a resource to benefit the security community at large. In this paper, Tim Proffitt provides a step-by-step guide for implementing a Vulnerability Assessment Program using QualysGuard, including background and recommendations on how to:
- Create Security Policies and Controls
- Categorize Assets
- Discover Assets
- Configure Hosts and Assets
- Configure Scan Details
- Report on Your Results
- Rank Your Risks and Remediate
- Handle Verification and False Positives
- Meet Compliance
