bro you tutorial is so much better than the qualys official. Thank you!
@shanadjiqtaАй бұрын
Kevin, it was a great explanation and hands-on tutorial. I am working as Cybersecurity Analyst and It was a pleasure to learn about the authenticated scan. You speak really calm. Rare and valuable finding!
@crazyturtlee10 ай бұрын
Very underrated content. As junior QA I'm assisting in Vulns management and videos like Yours are very helpful with getting know-how.
@bennel6478 Жыл бұрын
Thank you so much this is the most helpful and practical video I have seen on KZbin please don’t stop posting
@kevingaray_cyberguy Жыл бұрын
Thank you!! This means a lot to me :')
@saikesjaria Жыл бұрын
Hey thanks for the valuable information. I’m currently an IT service desk analyst looking to transits into cybersecurity. This is really helpful. Already signed up to for the Qualys online training. Thank you
@kevingaray_cyberguy Жыл бұрын
Great to hear! Good luck on your journey. If a schmuck like me can do it, you definitely can :)
@saikesjaria Жыл бұрын
Cheers man
@udohudoh6793 Жыл бұрын
How’s the training been so far? I’m new too and looking to learn more about VM.
@saikesjaria Жыл бұрын
@@udohudoh6793 it’s been amazing. Very interesting 🙌🏿
@saylirelekar9299 Жыл бұрын
What is the importance of Qualys certification???
@ainoleppanen7443 ай бұрын
Nice tutorial, very chill and informative. It would be cool to have some kind of beginners tutorial about the Qualys API, and advanced too.
@wigymbertdieujuste476911 ай бұрын
This is really Helpful, I want to get into this new industry and currently trading to learn Qualys. This really helps
@soulsimplistic Жыл бұрын
Just completed my VDMR Certification this weekend, I'm excited to to snag the PCI next.
@tonye.8023 Жыл бұрын
Do you mean the certification that Qualys offers?
@soulsimplistic Жыл бұрын
@@tonye.8023 yup
@kevingaray_cyberguy Жыл бұрын
Correct! And congrats on getting the cert. PCI is becoming a pretty lucrative career, too. Good luck!
@udohudoh6793 Жыл бұрын
Thanks for sharing.. looks a bit complicated but I’m eager to learn.. thanks again
@UzairAshfaq-pt3hv6 ай бұрын
Thanks for the video, Kevin. Waiting on more videos from your side, your knowledge is to the point and informative.
@eriksalmon Жыл бұрын
Great info and I like how you kept your errors in the video.
@gfdbdfbrfvbdfvb Жыл бұрын
Kevin this was amazing. I figure alot of new things out and it really made me think!
@kevingaray_cyberguy Жыл бұрын
Thank you!! I'm glad this was helpful 🥹
@henrykinkela7532 Жыл бұрын
New to Qualys VM and came accros your video & I must say I’m really impressed, also , I would like to ask, can Qualys have the capability to conduct an external Pentest to my environment?
@mikezeigler1 Жыл бұрын
I like the way you laid out this intro and you do a great job explaining. Please make more videos. I'm managing qualys vmdr at my company and we are a smaller shop. I don't have a formal security background, more administration. Trying to tackle 9000 vulnerabilities at my org.
@kevingaray_cyberguy Жыл бұрын
Thanks for the comment! Yea I'm working on making a Nessus video atm. Just trying to get it to run a credentialed scan on linux but no luck yet :p Once I get that up and running I'll start recording. You should 100% put that vuln management stuff down in your resume and also mention the amount of vulns you remediate. Hiring managers love to see numbers and statistics in a resume. Good luck remediating those! 9000 is a crazy number but you can definitely bring that number down. Good luck!
@mikezeigler1 Жыл бұрын
@@kevingaray_cyberguy yea alot of it is going to be remediated indirectly with steps we are taking to secure everything. It is indeed a lot, unfortunately my company still relies heavily on legacy software.
@kevingaray_cyberguy Жыл бұрын
@@mikezeigler1 yea sounds about right. Most vulns on 3rd party devices you just gotta let them know and ask if it will be fixed in a future patch. I feel your pain with legacy software lol time to build those rafs! lol
@naturesoothingsong3971 Жыл бұрын
Awesome Kevin, my diving into the cybersec, thanks for the video, im the 182 Subscriber officially ;)
@kevingaray_cyberguy Жыл бұрын
Aye thanks! I appreciate the sub!
@isaiasperez5831 Жыл бұрын
Bro you did so many steps!
@kevingaray_cyberguy Жыл бұрын
Yea the set up can be tedious lol but once it's running then it's a breeze after.
@jean-claudeaquino766 Жыл бұрын
Thank you so much for this Video. It helped me. Cheers mate.
@misterdabs5 ай бұрын
Thank you, it’s clear and clear, precise.
@cnordbott8 ай бұрын
Great video, thank you!
@curwenarthurs69015 ай бұрын
Very helpful video. Thanks for sharing. I have a question on what all a company would need to do a proof of concept test run.
@7figuresonline875 Жыл бұрын
Thanks for the video. Pls I have a question, while installing window 10 on the virtual machine, you kind of tweaked the initial ip address you imputed on the qualys platform earlier, subnet mask and default gateway. Pls I'm kinda stuck at this point. Kindly help with this. Thanks you!
@TrekkingtrailsA Жыл бұрын
Hey You did great video , so well explained . I’m beginner and want to get into cyber security , I am already IT guy . Please make more videos like these including other tools . Also need your advise how to get into cyber security job.
@kevingaray_cyberguy Жыл бұрын
Thanks for the comment! I'm planning on showcasing Nessus which is another vulnerability scan tool. Work is just keeping me pretty tied up but hoping to record it in the next week or so.
@sasuwayne Жыл бұрын
Thanks for sharing this Kevin
@kennychim5444 Жыл бұрын
Hi Kevin, thanks for your lesson. It is simple and straigh forward to follow, happy learning.
@kevingaray_cyberguy Жыл бұрын
Thank you! 🥹 It means a lot
@Mike-bp2sk Жыл бұрын
You should not disable the firewall and UAC globally. Those settings should even be flagged after the scan as critical security issues. If it doesn't, it is not doing a good job.
@coltonw.9535 Жыл бұрын
Great video! Been doing the Qualys training on their website.
@kevingaray_cyberguy Жыл бұрын
Hopefully its going well for you!
@123ranaldo Жыл бұрын
Such a great video my friend! - please if you can would be good to see vulnerability management in action whilst in production. so we can see how it goes! Qualys i wasn't aware of so ive done some research on that too! Keep making the good stuff it is much appreciated and especially hands on where noobs like myself can add stuff to my CV and understand cyber more !
@RovshanMusayev Жыл бұрын
Would be nice to see full tutorial with best practices for AWS scanning
@ScottPlude6 ай бұрын
great video. thanks!
@AzazelHash281 Жыл бұрын
very chill vibe will be subscribing
@kevingaray_cyberguy Жыл бұрын
Thank you!
@udemeumana37310 ай бұрын
Thank you so much for the tutorial, while trying to install the Win10 VM this error popped-up "windows cannot read the from the unattend answer file". Please do you know how I can fix it?
@kennethshibaba4490 Жыл бұрын
Hey Kev! Lovely video. Was wondering if you could help me. I am getting this error The LAN interface is unable to obtain a valid IPV4 address. WHat woud be the soution here? Cheers.
@RB-sv7ru11 ай бұрын
had the same issue, worked when i went into the virtual machine settings and changed the network adapter settings from bridged to NAT
@tl0470 Жыл бұрын
👏🏼👏🏼👏🏼 Very Nice sir. Thank you 👊🏼
@temitopeoluwadare9068 ай бұрын
Hello Kevin. Trust you're doing well. Please i am a subscriber and enjoying your class. I am actually stocked in the place of router IP I am using my Phone as my Internet provider. How do I manage this aspect. I have a month trial subscription on Qualys VMDR. Please sir. Your content is lovely.
@ertcrecov7933 Жыл бұрын
I've heard about Qualys and I'm transitioning into the CyberSecurity field & I wanted to know how thorough the course is & how long did the certification take? Thank you in advance for any help/guidance you may provide.
@kevingaray_cyberguy Жыл бұрын
Hi! Thanks for the comment :) The course for the VMDR certificate is pretty easy, it took me about 6 hours from start to finish along with maybe an extra hour to complete the final exam. It's pretty straightforward but it's all just basic knowledge. You don't really get to use the tool :/ That's kinda why I showcased this lab. To give people some hands-on experience with the tool so they can say "Yea I got the certificate and also know how to use the scanner" lol There's more to it too like building your dashboard to track remediated vulnerabilities, organizing vulns from critical to informational, etc.
@DavidJonathan10 Жыл бұрын
Thanks@@kevingaray_cyberguy great video. Seems you've not posted in a while. If you could do more of this, it will be great. Love your work. Thanks. Just stepping into Cybersecurity myself as well. Will keep checking your page for more
@koladesamuel4882 Жыл бұрын
Hi Kevin, Thank you for the video Please I am having problem with downloading the scanner to my virtual machine......... It wont download and does it take long to download?
@stevehill48649 ай бұрын
Can you make more videos using this scanner?
@missyou5085 Жыл бұрын
hi good explaion ❤❤❤
@imhotep1613 Жыл бұрын
Nice video . Thanks for sharing this wonderful lesson . Would you mind removing that background music next time ?It's disturbing?
@FragmentOfInfinity Жыл бұрын
No, the music is not. You know what WAS disturbing? *The Holocaust.*
@kevingaray_cyberguy11 ай бұрын
This went from 0-100 really quick...
@mrlewin2590 Жыл бұрын
Great. Now how do you set up a physical Machine?
@karibikaribi-whyte8599 Жыл бұрын
Hi Kevin, I really appreciate the video. I also tried everything step by step but could not find any vulnerabilities.
@kevingaray_cyberguy11 ай бұрын
Hey! Like none at all? Could be a credentials issue. Make sure you're giving Nessus the right credentials. If you're installing Nessus on your own machine to perform the scans, try changing the VM's network adapter from bridged to host-only and check the IP address and use the changed one. I believe someone ran into this issue before. Good luck!
@karibikaribi-whyte859911 ай бұрын
Hi Kevin, I appreciate the reply. I installed qualys on my VM. But will try again. Thanks.
@mikereddy9433 Жыл бұрын
very informative..
@Miochi_fiochi9 ай бұрын
Hi Kevin, can you do a video scanning IaC w Snyk?
@Fsufan939923 Жыл бұрын
Is there a way for you to demonstrate how to deploy qualys virtual scanner in a Microsoft Azure virtual machine?
@iespinosa31 Жыл бұрын
It's the same way using Azure Virtual Machine
@sugarskulllyfe5890 Жыл бұрын
great video!
@Kevin-hu1iz Жыл бұрын
Thanks!
@andyblondyn1898 Жыл бұрын
Hello Kevin - does this use Ivanti's patch management for MacOS as well? I have a mixed environment with a few Mac's and was wondering if I could use it for home needs. Thank you in advance!
@ArabObserver9 ай бұрын
Nice video
@abdelrahmanahmedsherif25092 ай бұрын
Hi Kevin, i need a help, how can i assign Public IPs to my deployed scanner? i should be using that range 64.41.200.240-64.42.200.250
@ibrahimYODA-qk1ng Жыл бұрын
I’m running into issues my qualys authenticated scan is not returning any vulnerabilities related to vlc not Firefox. I’ve been trying to troubleshoot that for 2 days now. I’ve performed all the steps in’this viedo.
@kutipepe5 ай бұрын
I do not understand why you needed to turn off the win 10 firewall, can you please explain it to me?
@gentlenip Жыл бұрын
Thank you for the video, I'm trying to setup the VirtualBox, but I keep getting an error message requesting that I need to install Microsoft Visual C++ 2019 Redistributable Package first before Installing the Oracle VM VirtualBox. I have already installed the Window Creation Tool. Please how to sort this out for me to proceed. Thanks for the great contents.
@polinenisreenidhi60125 ай бұрын
Hey Kevin I am stuck with the authentication I am not able to authenticate my Virtual box to Qualys It says unabale to complete windows login for host = , domain= , ntstatus= Can you please help me with this
@vitache127611 ай бұрын
Do you offer trainings
@ChapalPuteh_4 ай бұрын
Good for fixed IP ..
@vedikapainjane3591 Жыл бұрын
Did everything following the video, get an error at 7:16 , it says Qualys. Scanner Console Error: The LAN interface is unable to obtain a valid IPv4 address.
@envolvetechnicalsolutions1315 Жыл бұрын
I don't get why you have to install the Qualys scanner on a VM. Why can't it be installed on a local machine on the network?
@MrPrimatetv Жыл бұрын
My network is behind a router, is there anyway to do this?
@koladesamuel4882 Жыл бұрын
Please kevin, it keeps saying that it cant be verified while trying to download please help me what can i do
@blackpantaaa254 Жыл бұрын
you need to be conected with internet cable or can i do this with wifi?
@kevingaray_cyberguy Жыл бұрын
Doesn't matter. As long as you can connect to the Internet and are on your own home network you should be fine.
@prasadksnv41710 ай бұрын
Good,
@Ib90 Жыл бұрын
If I take the qualys vulnerabilities certificate can I get a job as Vulnerabilities scanner operator or management or I need more certificates.
@kevingaray_cyberguy Жыл бұрын
Great question! But to be completely honest and forward, no certificate(s) will guarantee you a job. However, it can increase your chances of getting one :) Usually getting a job in vuln management requires a solid grasp of the IT fundamentals, networking, and knowing how to research solutions. Having certificates will prove you have the knowledge but hiring managers do look at experience too so keep that in mind. That being said, I still recommend getting the qualys certificates so in the case you start applying at companies that use this tool, you'd have an advantage since you're comfortable using it and training will be easier.
@Ib90 Жыл бұрын
@@kevingaray_cyberguy thanks I'm gonna get the vulurablity management certificate, what other qualys certificates besides Vulurablity management you recommend. I also don't have alot of IT experience will the Vulnerability management certificate be sufficient like the CompTIA A+ plus to help with the Fundamentals because I can't afford the CompTIA A+ cert but the qualys VM is free.
@soulsimplistic Жыл бұрын
I would always try to get into something like a Help Desk position 1st. Employers want to know that you are comfortable in the computer environment and able to follow processes. Regardless of your certification(s), you'll be trained in the way the employer does things, as ALL processes are different from employer to employer. Good luck!
@kevingaray_cyberguy Жыл бұрын
@@soulsimplistic Excellent advice and I couldn't agree more! It's vital to understand an IT infrastructure from a lvl 1 perspective before you try to jump into a more complex role.
@richardekpebu9596 Жыл бұрын
Hi, when following you to install Qualys, I had a problem along the way which is I don't know or how to go about it. I could not find qualys virtual scanner license key. So please can you help. So that I can get it done, thanks.
@kevingaray_cyberguy Жыл бұрын
The activation code or the email code to create your qualys account?
@Abhi_JW999 Жыл бұрын
Hi Kevin , i need a help with nessus, im doing a lab where im scanning Metasploitable machine,im adding the IP of it in nessus ,i initiate the scan ,scan finishes in 5 seconds and no results, firewall disabled ,also im getting ping ftom Metasploitable to my local system and vice versa
@kevingaray_cyberguy11 ай бұрын
Change the network adapter of the VM from bridged to host-only
@savagesatchell Жыл бұрын
Whenever I assign my own IP address I lose internet access. Also do I not put my actual default gateway and use a made up one?
@kevingaray_cyberguy Жыл бұрын
Make sure you're using your actual default gateway. Are you doing this on a virtual machine?
@savagesatchell Жыл бұрын
Yes I’m assigning it on the VM, I did ipconfig all on my physical pc to see my actual default, is this correct?
@savagesatchell Жыл бұрын
So I can get a response from the regular vm address (before changing) if this helps
@kevingaray_cyberguy Жыл бұрын
@@savagesatchell correct, the default gateway should be the same on all of your devices connected to the same network. So say if your ips are all 192.168.0.X, your default gateway should be 192.168.0. 1
@savagesatchell Жыл бұрын
@@kevingaray_cyberguy Okay I have done everything but still didn’t work for me, may I email or teamviewer you?
@sapão_pill Жыл бұрын
I am cybersec student, I used college email, but I did not receive confirmation email.
@sambalryder Жыл бұрын
Hello Kevin, I need your help.its related to my job, Actually I want to scan an Internal Ip of the Cisco firewall (located in Norway) through A virtual scanner appliance which is setup in Madrid location. I try to scan the Internal Ip of Cisco firewall Ip which(Norway) through my virtual Madrid scanner. After many trials I can still see the Host as not Alive, my scanner Ip has been whitelisted and Standard ports like 443,22,23 are open for Host discovery. What is the reason if host is not alive?
@kevingaray_cyberguy Жыл бұрын
Hey! Unfortunately I cannot give advice regarding anything work related. I would suggest looking into forums for posts relating to your situation. That's usually what I do when I run into issues :)
@Xuirwioa0 Жыл бұрын
hey this video has been really helpful but im stuck on the part where i drag and drop firefox and vlc... i did everything correct up until this point any idea what i should do. my windows 10 wallpaper is also black does that mean anything?
@kevingaray_cyberguy Жыл бұрын
Hey! Did you run Guest Additions on the VM? Enabled bi-directional drag n drop? Once you do, try restarting the VM. Hopefully this helps!
@Xuirwioa0 Жыл бұрын
@@kevingaray_cyberguy I just went and downloaded the files from the browser within my VM… yo do you do zooms because I’m actually having trouble doing this. My IP addresses aren’t working properly in qualys… something about no active scanners. I followed all the steps in your video 🥲 any way I could contact you for some assistance
@Xuirwioa0 Жыл бұрын
@@kevingaray_cyberguy 10:42 what do you mean an ip address that is not in use
@olds84bigblock63 Жыл бұрын
When I imported the VM. After the penguins was doing there downloading, I receive an error message ( The LAN interface is unable to obtain a valid IPv4 address) what do I need to do to correct this issue. Thank you in advance!!
@kevingaray_cyberguy Жыл бұрын
Make sure the IP address you assign to the VM matches to the subnet of your home network. So say your have your network at "192.168.0.1-, then it should be anywhere around 192.168.0.2-255.
@olds84bigblock63 Жыл бұрын
@@kevingaray_cyberguy can we chat offline? I am not sure if it didn't go thru because I am in hotel or if I had my VPN turned on. Clearly without that step I can not move forward.
@themidnightrooster5765 Жыл бұрын
SLENDYMAYNE!!!!!💯💯💯💯💪💪💪
@JohnCutter317 Жыл бұрын
My ips are all over the place hard to pick a range under 19 addresses csn you put individual ips
@kevingaray_cyberguy Жыл бұрын
Yes you can definitely individually add the IPs manually!
@DataDost Жыл бұрын
Your linkedin profile name?
@linuxfornoobscom11 ай бұрын
Free account expires after 1 year, how to extend it?
@gfdbdfbrfvbdfvb Жыл бұрын
Kevin, when doing the authentication scan, I'm getting the same results as the non authentication scan and I don't understand why.
@Kevin-hu1iz Жыл бұрын
Make sure that the scan you're doing is not the same as before, gotta check the box that says authenticated scan in the settings. Sometimes I can be a bit tricky to get it working lol
@gfdbdfbrfvbdfvb Жыл бұрын
Yes, I made sure to do that. I’m just start from the beginning so see if I overlooked a step.
@gfdbdfbrfvbdfvb Жыл бұрын
I changed the static ip address and got it to work. I’m super excited!
@kevingaray_cyberguy Жыл бұрын
@@gfdbdfbrfvbdfvb Excellent work! Troubleshooting and finding the root cause always feels so good lol
@Fsufan939923 Жыл бұрын
I noticed some others were getting the same results between a non-authenticated scan and an authenticated one. What other steps did you take to fix this issue?
@31Chaos Жыл бұрын
qualys scanner isnt even loading up on vbox just says aborted...
@sysadmin-e6782 ай бұрын
Overall very good and adding the Win 10 test VM with vulnerable software is a good idea for learning/testing. One thing to be aware of is that in the real world do NOT make the changes mentioned in kzbin.info/www/bejne/omakpWiNec9qrJI. That lowers security to give the authenticated scan more access. An agent (not discussed and I'm not sure if it's even included with the Community Edition) should be installed and run as local admin to gain that level of access.
@Kevin-hu1iz2 ай бұрын
You're right! I should have mentioned that. Agents are normally used to perform authenticated scans but free editions don't come with it unfortunately. Nessus included. Thanks for pointing that out!
@sysadmin-e6782 ай бұрын
@@Kevin-hu1izI started playing around with the community edition yesterday and it does allow up to 16 assets with the Qaulys cloud agent but I have not used that yet.
@saylirelekar9299 Жыл бұрын
Sir plz guild me
@zinawarrior24446 ай бұрын
Can you show this on a Unix environment?
@gabriellalaplace Жыл бұрын
@kevingaray_cyberguy Hi, do you know any websites where people can do projects to get experience to put on their resume. If they have completed the Qualys vulnerability Management Courses. Like a Gamification website from a company or a simulation (fake) company. Or where someone can volunteer, to get experience to put on a resume. My plan is to try the courses to see if I pass them. But, I would like to know what to do afterwards (I just started to watch your video).
@kevingaray_cyberguy Жыл бұрын
Honestly there's tons of projects on KZbin that you can do depending on what you want to focus on. I'm working on a SEIM tutorial using QRadar that I will be releasing soon. Would be aimed towards someone who wants to work as a SOC Analyst. But there's also KZbinrs like Josh Madakor, KevTechIT, etc that showcase other labs you can work on to learn more about the industry and beef up your resume. Professor Messer teaches the CompTIA Trifecta which is crucial knowledge if you really want to excel in IT. Start off with free resources then gradually move up to paid ones :) good luck and I hope you enjoyed my video!
@gabriellalaplace Жыл бұрын
@@kevingaray_cyberguy Thanks for listing those 2 people. I'll look them up. I'm only really looking for Qualys Vulnerability Stuff. I started the 2nd course in the Vulnerability Track. I saw when they were looking up devices, they added NetBios or DNS ids. I thought it was automatically, but then a searched a long time on KZbin and found a video of someone manually adding IP addresses. So that's what I would like real world practice in at the moment. Then I'll focus on all the other stuff. Hopefully the test , tests that part really hard, and makes us manually add the IDs. Thank you very much for replying.