11

Continuous scanning in the cloud Continuous scanning in the cloud The first assessment scan in the cloud takes some time, after that scans complete as soon as new host metadata is uploaded to the platform. How it works The agent sends up an upload of the baseline snapshot to the cloud agent platform for assessment. For the initial upload the agent collects comprehensive metadata about the target host (a few megabytes) and sends a baseline snapshot to the cloud for assessment. The status Scan Complete is reported upon success. This first scan typically takes 30 minutes to 2 hours using the default configuration - after that scans run instantly on the delta uploads (a few kilobytes each). The asset data the agent collects includes many things for the baseline snapshot like network posture, OS, open ports, installed software, registry info, what patches are installed, environment variables, and metadata associated with files. The agent stores a snapshot on the agent host to quickly determine deltas to host metadata it collects. What signatures are tested? Agent-based scanning uses the same signatures (vulnerabilities, compliance datapoints) as traditional scanning with Qualys scanners. If you’ve activated your agents for VM, we’ll test for vulnerability signatures. If you’ve activated your agents for PC we’ll check for compliance datapoints. 11

12 Publizr Home