\nIn the race against cyber threats, finding vulnerabilities is no longer enough. True security comes from _understanding_ them\u2014where they exist, how they were discovered, and what risks they pose. One of the most overlooked aspects in vulnerability management is knowing the **source** of detection. Without it, organizations may waste valuable time chasing the wrong threats while leaving real risks unaddressed.<\/p>\n
To solve this challenge, **Qualys VMDR** now offers **Vulnerability Detection Sources** \u2014a feature designed to eliminate confusion and help organizations take precise, impactful action.<\/p>\n
## **Why Knowing the Source Matters**<\/p>\n
Imagine you’re scanning your cloud virtual machines with agents while also running external perimeter scans. Vulnerabilities begin to appear. But where did they come from? Were they discovered from within your infrastructure or from an external scan? <\/p>\n
Without this clarity, it’s difficult to:<\/p>\n
* Understand the context of a vulnerability
* Prioritize the right remediation efforts
* Apply the appropriate security controls<\/p>\n
<\/p>\n
This lack of insight creates delays, misdirected actions, and ultimately, **unnecessary risk**.<\/p>\n
That\u2019s where _Vulnerability Detection Sources_ come in.<\/p>\n
## **Powered by TruRisk : Prioritize External Threats with Greater Precision**<\/p>\n
Detection source visibility is now directly integrated into your **TruRisk Score** to enable smarter risk prioritization. External exposures often present a greater threat surface and require faster remediation. That\u2019s why:<\/p>\n
**When a vulnerability is detected on an externally exposed asset, TruRisk automatically increases its score by 20%.**<\/p>\n
<\/p>\n
This dynamic adjustment ensures that vulnerabilities facing the public internet are escalated with urgency, empowering your team to focus first on the risks that matter most.<\/p>\n
## **What Are Vulnerability Detection Sources?**<\/p>\n
This feature in VMDR identifies **exactly where** each vulnerability was detected\u2014whether through Cloud Agent, perimeter scans, internal scanners, or one of many supported methods. By revealing the detection source, security teams can:<\/p>\n
* **Identify the root cause** of the vulnerability
* **Take targeted action** based on where the vulnerability exists
* **Accelerate remediation efforts**
* **Reduce the attack surface** and proactively eliminate risk<\/p>\n
**Supported Sensor Types Include:**<\/p>\n
<\/p>\n
## **How It Works: Better Visibility, Better Decisions**<\/p>\n
Once enabled, the detection source information becomes visible from the **next scan onward** (note: not retroactive). Here\u2019s how it helps:<\/p>\n
**1\\. Enhanced Vulnerability Listings**<\/p>\n
A new **\u201cSources\u201d column** now appears in the Vulnerabilities page, letting you hover for detection details, including:<\/p>\n
* Source name(s)
* First detected date
* Last detected date<\/p>\n
<\/p>\n
You\u2019ll also find this information integrated into the **TruRisk Score** page for deeper context.<\/p>\n
**2\\. Group by Detection Source**<\/p>\n
Using the new **Group by: Vulnerability Detection Sources** filter, you can organize vulnerabilities by source. This helps you:<\/p>\n
* Pinpoint where risks are coming from
* See how many vulnerabilities are tied to each detection method
* Drill into each group for focused remediation<\/p>\n
<\/p>\n
**3\\. New QQL Search Tokens**<\/p>\n
For advanced users, new **search tokens** allow granular queries:<\/p>\n
* _vulnerabilities.detectionSource.name_
* _vulnerabilities.detectionSource.firstFoundDate_
* _vulnerabilities.detectionSource.lastFoundDate_<\/p>\n
This makes it easier to track vulnerability lifecycles, understand patterns, and build dashboards or reports based on precise data.<\/p>\n
**4\\. Smarter Reports and Dashboards**<\/p>\n
Whether you’re exporting a vulnerabilities report or visualizing trends, the detection source now appears as a column in downloads and dashboard widgets. This gives stakeholders and security teams a clearer picture of where action is needed most.<\/p>\n
<\/p>\n
<\/p>\n
**5\\. Vulnerability Detection Sources in Reports
** Vulnerability detection source details are now available in CSV reports. To enable:****<\/p>\n
* Open your **Report Template**
* In the **Display** section, check Vulnerability Detection Sources<\/p>\n
<\/p>\n
Once enabled, exported reports include two new columns:<\/p>\n
* Vulnerability Detection Sources
* Latest Vulnerability Detection Source<\/p>\n
This added visibility helps you analyze trends, segment remediation based on origin (e.g., Cloud Agent vs. Scanner), and generate more actionable executive reporting.<\/p>\n
**6\\. Retrieve Detection Source via API**<\/p>\n
You can programmatically access Vulnerability Detection Sources via the Qualys API, enabling integration with external tools and dashboards.<\/p>\n
<\/p>\n
**Endpoint:**<\/p>\n
_\/api\/2.0\/fo\/asset\/host\/vm\/detection\/_<\/p>\n
**Parameter:**<\/p>\n
To include source information, use the following:<\/p>\n
_vuln_detection_source=1_ <\/p>\n
**Example XML Output:**<\/p>\n
25268746<\/UNIQUE_VULN_ID> 45046<\/QID> Info<\/TYPE> 1<\/SEVERITY> <\/RESULTS> 2024-06-26T13:27:04Z<\/FIRST_FOUND_DATETIME> 2025-03-14T21:12:06Z<\/LAST_FOUND_DATETIME> **< VULNERABILITY_DETECTION_SOURCES>Cloud Agent,Internal Scanner<\/VULNERABILITY_DETECTION_SOURCES>** ** Cloud Agent<\/LATEST_VULNERABILITY_DETECTION_SOURCE>** 1401<\/TIMES_FOUND> <\/DETECTION>
— <\/p>\nThis provides complete detection history, including the full list of sources and the most recent one.<\/p>\n
## **The Impact: From Uncertainty to Action**<\/p>\n
Imagine a vulnerability is detected within your environment. If identified by a Cloud Agent, it might indicate a misconfigured application or outdated package on a cloud VM. Conversely, if an external scanner uncovers it, the threat could be exposed to the public internet\u2014necessitating immediate firewall or perimeter control updates.\u200b<\/p>\n
By leveraging **Vulnerability Detection Sources** , you gain clarity on where vulnerabilities originate, enabling precise and timely responses.\u200b<\/p>\n
Building upon this, **TruRisk Eliminate** empowers organizations to go beyond traditional patching. It offers a comprehensive remediation approach that includes:<\/p>\n
* **Automated Patching** : Streamlining the deployment of patches to reduce threat exposure.\u200b
* **Configuration-Based Mitigations** : Implementing registry changes or configuration modifications when patches are unavailable or risky.\u200b
* **Device Isolation** : Quarantining high-risk assets to prevent the spread of threats within the network.\u200b<\/p>\n
<\/p>\n
With TruRisk Eliminate, you can proactively address nearly 100% of CISA Known Exploited Vulnerabilities (KEVs), ensuring robust protection even when traditional patching isn’t feasible. <\/p>\n
This integrated approach transforms your vulnerability management from reactive to proactive, enabling you to eliminate risks intelligently and by design.\u200b<\/p>\n
**For more details on TruRisk Eliminate and how it can enhance your cybersecurity strategy, click here:TruRisk Eliminate**<\/p>\n
## **Coming Soon: Support for Policy Audit**<\/p>\n
The benefits of detection source visibility don\u2019t stop with vulnerability management. **This capability is also coming toQualys Policy Audit in Q3, 2025.**<\/p>\n
In the near future, you\u2019ll be able to identify the exact sensor source that detected each compliance control failure\u2014whether it was a Cloud Agent, an authenticated scan, or another supported method. <\/p>\n
**This added visibility will help audit & compliance teams:**
\u2022 Understand the true origin of misconfigurations or compliance failures
\u2022 Take faster, more precise corrective actions
\u2022 Improve audit readiness and reporting accuracy<\/p>\n
Stay tuned for more updates as we bring this same level of precision and transparency to Policy Compliance assessments.<\/p>\n
**In Summary: Why This Matters**<\/p>\n
The _Vulnerability Detection Sources_ feature is more than just an enhancement. <\/p>\n
It\u2019s a strategic capability for any organization aiming to:<\/p>\n
* Improve decision-making
* Focus resources on the right problems
* Accelerate time to remediation
* Reduce the attack surface
* Prioritize external threats with increased TruRisk weighting
* Eliminate risk with clarity and confidence<\/p>\n
**Ready to take the guesswork out of vulnerability management?**
Contact Qualys Support or your technical account manager to enable vulnerability detection sources in Qualys VMDR today, and secure your environment with greater insight and precision.<\/p>\n
* * *<\/p>\n
**Ready to see how these features come together in action? Take a closer look at the vulnerability detection sources that power smarter security**!<\/p>\n
Learn More Today<\/p>\n
* * *\n<\/p><\/div>\n
View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"Security Update News Update Information Title Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR Update ID QUALYSBLOG:A78DD30AED65BEABE676CF17CDDB3CD9 Type qualysblog Published 2025-05-27T15:00:00 Last Updated…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,34,12,13,33,120,7,11,5],"class_list":["post-6035","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-00","tag-exploit","tag-news","tag-none","tag-qualysblog","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n
Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=6035\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR Update ID QUALYSBLOG:A78DD30AED65BEABE676CF17CDDB3CD9 Type qualysblog Published 2025-05-27T15:00:00 Last Updated...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=6035\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-27T11:37:48+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=6035#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=6035\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR\",\"datePublished\":\"2025-05-27T11:37:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=6035\"},\"wordCount\":1283,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-0.0\",\"exploit\",\"news\",\"NONE\",\"qualysblog\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=6035#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=6035\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=6035\",\"name\":\"Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-27T11:37:48+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=6035#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=6035\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=6035#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=6035","og_locale":"en_US","og_type":"article","og_title":"Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR - zero redgem","og_description":"Security Update News Update Information Title Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR Update ID QUALYSBLOG:A78DD30AED65BEABE676CF17CDDB3CD9 Type qualysblog Published 2025-05-27T15:00:00 Last Updated...","og_url":"https:\/\/zero.redgem.net\/?p=6035","og_site_name":"zero redgem","article_published_time":"2025-05-27T11:37:48+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=6035#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=6035"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR","datePublished":"2025-05-27T11:37:48+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=6035"},"wordCount":1283,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-0.0","exploit","news","NONE","qualysblog","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=6035#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=6035","url":"https:\/\/zero.redgem.net\/?p=6035","name":"Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-27T11:37:48+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=6035#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=6035"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=6035#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Eliminate Risk with Precision: Introducing Vulnerability Detection Sources in VMDR"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/6035","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6035"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/6035\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6035"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6035"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6035"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}