Each new user account includes option profiles provided by the service to assist users with scanning. These option profiles are described below. Also, the Library provides a variety of option profiles for vulnerability scans that you can import to your account. You can use them as-is or edit them as needed. See About the Library.
Initial Options. The Initial Options profile is initially set as the default profile for vulnerability scans and scheduled vulnerability scans. The default profile is intended for global use to ensure compliance with corporate security policies. Users with a Manager role have the ability to edit and rename the default option profile.
Note: Managers can customize the Initial Options profile, or create a new option profile and select "Set this as the default option profile", for use when launching maps and scans. Only one default profile can be set at any given time.
Initial WAS Options. The Initial WAS Options profile includes best-practice settings for web application scans.
Additional Option Profiles for Vulnerability Scans:
Payment Card Industry (PCI) Options. (This profile is only available if the Payment Card Industry (PCI) compliance feature is enabled for your subscription.) Use the PCI option profile to find and eliminate network security vulnerabilities associated with electronic commerce. This option profile contains scan configuration settings that have been optimized to test compliance with the Payment Card Industry Data Security Standard. After scanning your network with the PCI option profile, generate PCI reports to identify whether scanned hosts meet PCI compliance requirements.
Qualys Top 20 Options. Use the Qualys Top 20 option profile to scan for the 20 most prevalent vulnerabilities determined by Qualys. The Qualys Top 20 list includes the 10 most prevalent internal vulnerabilities (detected on private IPs) and the 10 most prevalent external vulnerabilities (detected on public IPs). The Qualys Top 20 list is updated automatically and continuously from a statistically representative sample of thousands of networks. The list of included vulnerabilities is not editable.
SANS20 Options. You'll notice the title is "2008 SANS20 Options" if your subscription was created using version 6.18 or later. (Important: The SANS Top 20 list was last updated in 2008. For more accurate information on the most prevalent and critical real-world vulnerabilities, use the Qualys Top 20 list.) Use the 2008 SANS20 option profile to scan for the SANS Top 20 vulnerabilities. The SANS Institute publishes a list of the 20 most critical Internet security vulnerabilities, including top vulnerabilities in Windows systems, Unix systems, cross-platform applications and networking products. For each of the top 20 vulnerabilities, the service scans for multiple QIDs. The list of included vulnerabilities is not editable.