Vulnerability Management Project using Qualys

1. Introduction

Vulnerability Management (VM) is the process of systematically identifying, assessing, prioritizing, and remediating security weaknesses across an organization’s IT infrastructure. Instead of waiting for attackers to exploit vulnerabilities, VM enables proactive defense by ensuring systems are regularly scanned and updated.

Qualys is a leading cloud-based security and compliance platform that provides tools for vulnerability scanning, continuous monitoring, and remediation tracking. In this project, I deployed the Qualys Virtual Scanner Appliance (CVA) in a virtualized environment and used it to scan a target Windows machine. This lab simulates how enterprises manage vulnerabilities in their environments using Qualys.

2. Vulnerability Management Framework

A strong vulnerability management program follows a structured lifecycle. The framework used here is a 5-step process:

1. Asset Discovery – Identify and inventory all assets (servers, endpoints, applications, network devices).

2. Vulnerability Assessment – Scan assets to detect vulnerabilities, misconfigurations, and missing patches.

3. Prioritization & Risk Analysis – Classify vulnerabilities by severity using CVSS scores and business impact.

4. Remediation – Fix vulnerabilities through patching, configuration updates, or compensating controls.

5. Verification & Continuous Monitoring – Re-scan to validate fixes and continuously monitor for new risks.

NB: This ensures VM is not a one-time activity but a continuous security practice.

3. Lab Environment Setup

For this project, I built a virtual lab environment:

• Host Machine: Windows 10

• Virtualization Platform: VirtualBox

• Qualys Scanner Appliance:

  • Format: .cva file provided by Qualys

  • Deployed as a Virtual Machine

  • IP Address: 192.168.105.217

• Target Machine (Windows VM):

  • OS: Windows 10 

  • IP Address: 192.168.105.211

• Network Setup:

  • All VMs configured in the same subnet 192.168.105.0/24

  • Default Gateway: 192.168.105.145

  • Scanner and Windows VM must be able to ping each other.

NB: Our IP address is determined by our home router.