August 27, 2021 - TuxCare PR Team
Qualys provides visibility into the IT infrastructure, with comprehensive reporting on the state of systems and vulnerabilities that may be present in them.
TuxCare’s KernelCare Enterprise provides Live Patching for the Linux Kernel and important shared libraries like OpenSSL and glibc (functionality provided with LibraryCare Add-on).
It is possible to integrate KernelCare-specific information into Qualys reports, so that you get the best of both worlds and the reports accurately reflect the patched state of running kernels. This article shows you how to achieve this.
There is already an integration between Qualys and KernelCare, which lets “Information gathering” operations return the correct information. When KernelCare is deployed onto a system, Qualys will provide the following output for an “Information gathering” operation:
And this is as expected. When digging into the details, you can see the effective version of the currently running kernel:
And
This is the result of “/usr/bin/kcare-uname -r”. This command provides the correct output version for a system running a kernel that has received live patches, as opposed to “uname -r”, which will only show the installed kernel version.
So, for “Information gathering” operations, Qualys is KernelCare-aware and provides the correct output.
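To see the same difference on a host yourself, the following added example (not part of the original article or of TuxCare's tooling) compares the output of "uname -r" with "/usr/bin/kcare-uname -r" and prints one status line per host. The function names and status words are assumptions made for illustration, and the ordering check relies on GNU "sort -V", which only approximates distribution package version ordering.

```shell
#!/bin/sh
# Added example: compare the booted kernel release with the effective
# (live-patched) release that KernelCare reports.

KCARE_UNAME=/usr/bin/kcare-uname   # path as given in the article

# newest_release A B -> prints whichever release sorts higher.
# GNU "sort -V" is an approximation, not rpm/dpkg version ordering.
newest_release() {
    printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1
}

# classify_kernel BOOTED EFFECTIVE -> prints one status word:
#   no-kcare     : no effective release available (kcare-uname absent)
#   same         : effective release equals the booted release
#   live-patched : effective release is newer than the booted release
#   inconsistent : effective release sorts older; check by hand
classify_kernel() {
    b=$1
    e=$2
    if [ -z "$e" ]; then
        echo no-kcare
    elif [ "$b" = "$e" ]; then
        echo same
    elif [ "$(newest_release "$b" "$e")" = "$e" ]; then
        echo live-patched
    else
        echo inconsistent
    fi
}

# report_host -> one line per host, easy to collect across a fleet
report_host() {
    booted=$(uname -r)
    effective=
    if [ -x "$KCARE_UNAME" ]; then
        effective=$("$KCARE_UNAME" -r 2>/dev/null)
    fi
    status=$(classify_kernel "$booted" "$effective")
    printf '%s booted=%s effective=%s status=%s\n' \
        "$(uname -n)" "$booted" "${effective:-n/a}" "$status"
}

report_host
```

A host reported as live-patched is one where package-based findings for the booted kernel version are the ones to re-check against the effective version.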
However, when scanning for kernel-related package versions, “Outdated packages” will still report the older kernel version, and this will artificially inflate the number of vulnerabilities present:
To correct this, there is an option under “Report Template” in Qualys to specifically ignore older versions:
This filter will correctly ignore older kernel versions in the report. In our test example, the change made this:
Go to this:
This isn’t just a trick to ignore some issues – it’s a way to ensure that the Qualys report accurately reflects the vulnerabilities present when systems are protected with TuxCare’s KernelCare Enterprise.