Search lists are custom lists of vulnerabilities that you can save. Once saved, search lists can be added to business objects in your account, including option profiles, scan report templates and remediation policy rules. One or more search lists in combination may be added to a business object.
There are 2 types of search lists: Static and Dynamic.
A Static search list includes a list of vulnerabilities (QIDs) that you define. You can perform a search of the KnowledgeBase to find the QIDs you want to include in the list or manually type or paste in a list of QIDs. When a static search list is used, the QIDs saved in the search list are included in the action.
A Dynamic search list consists of a set of vulnerability search criteria (severity level, category, CVSS score, patch availability, etc). The service dynamically compiles a list of QIDs based on the criteria. When a dynamic search list is used, the service queries the KnowledgeBase to find all QIDs that currently match the search criteria and then includes those QIDs in the action. Dynamic search lists are updated automatically by the service as new QIDs are added to the KnowledgeBase and new patch information becomes available.
Manage search lists from the search lists data list (Tools > Search Lists).
There are many ways to utilize vulnerability search lists. Static search lists are useful when you want to include a specific list of QIDs for testing, reporting and remediation. Dynamic search lists are useful when you want the service to automatically include QIDs that are newly added to the KnowledgeBase and QIDs that are updated with new information like patch availability.
Here are a few ways you can use search lists:
• Create a static list of QIDs for troubleshooting and verifying Windows authentication. (See Verifying Authentication (Vulnerability Scans) for a list of QIDs to include.)
• Create a static or dynamic list of QIDs to exclude from scans and reports.
• Create a dynamic list for an always up-to-date Microsoft patch Tuesday scan report, scan option profile and remediation rule.
• Create a dynamic list of QIDs flagged for PCI compliance.
• Create a dynamic list of QIDs for a particular vendor or product, such as Apache, Cisco, Microsoft, or Sendmail.
• Create a dynamic list of QIDs that are remotely exploitable on the .net framework.
Several search lists are provided by the service. These search lists correspond to service-provided option profiles and report templates.
The Library provides a variety of both static and dynamic search lists that you can import to your account. Once imported, you can use the search lists as-is or edit them as needed. See About the Library.
See Search Lists in New Subscriptions for more information.
In subscriptions with multiple users, Managers and Unit Managers can create global search lists for use by their users.
Global search lists created by Managers are made available to all users in the subscription. Global search lists created by Unit Managers are made available to all users in their business unit. All users have permission to save personal copies of global search lists published by their Managers in order to use them as the basis for new search lists.