Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 1 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 1 of 60
`
`
`
`
`
`
`
`
`
`
`
`
`
`EXHIBIT 16
`
`EXHIBIT 16
`
`
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 2 of 60
`Case 4:18—cv-07229-YGR Document 194-5 Filed 05/04/21 Page 2 of 60
`
`@ Quolysa
`
`Qualys Cloud Platform
`Evaluator's Guide
`
`April 13, 2020
`
`FINJAN-QUALYS 419612
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 3 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 3 of 60
`
`Copyright 2011-2020 by Qualys, Inc. All Rights Reserved.
`
`Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks
`are the property of their respective owners.
`
`Qualys, Inc.
`919 E I-Iillsclale Blvd
`4th Floor
`
`Foster City, CA 94404
`1 (650) 801 6100
`
`FINJAN-QUALYS 419613
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 4 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 4 of 60
`
`Table of Contents
`
`GettingStarted
`
`Key Features of theUI
`Account Setup ..........................................................................................................................
`Installing Your ScannerAppliance
`
`Creating NetworkDoma1ns
`Adding Hosts forScannlng
`Controlling Access toAssets
`User Management
`
`contmlling user Accéés“:EO...App..s.
`
`You re Now Ready
`
`Mapping YourNetwork 15
`
`Running a Map ....................................................................................................................... 15
`16
`MapResults
`18
`SchedulingMaps
`Map Targets ........................................................................................................................... 19
`19
`MappingSummary
`
`Scanning for Vulnerabilities
`
`20
`
`21
`Starting aScan
`23
`ScanStatus
`Scan Results ........................................................................................................................... 24
`27
`28
`28
`.. 29
`32
`33
`
`Scheduling Scans
`Scanner Parallelization
`Selective Scanning usingSearchLists
`PCI Scans and Compliance...
`Vulnerability KnowledgeBasem
`ScanningSummary
`
`Search, View, Prioritize
`View Your Dashboard”
`View Asset and Vulnerability Deta1ls
`Run a Prioritization Report...
`
`34
`
`34
`36
`.. 38
`
`Reporting and Remediation
`
`39
`
`LaunchingReports
`AccessingReports
`Sharing Reports ..................................................................................................................... 41
`.. 41
`Scheduling Reports.
`Trend Analysis andDifferentlal Reportingif:i:iiii:f:fiIiiiiiIif:iiiiiiiiffiff1:1.
`44
`.. 49
`Scorecard Reports
`
`39
`4O
`
`FINJAN-QUALYS 419614
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 5 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 5 of 60
`
`PatchReports 51
`ReportingSummary 52
`RemediationSummary 52
`
`Wait, there'smore! 53
`
`53
`Policy Compliance
`.54
`Add Cloud Agents
`.55
`Get RealTime Security Alerts
`Scan Your Web Apps and APIS for Vulnerabilities ............................................................ 56
`
`Support andTraining 57
`
`57
`...
`Contact Support...
`57
`Free Training and Certification
`Our OnlineCommunity... 57
`Looking for userguides?
`57
`New Feature Announcements and Platform 5tatus.
`57
`
`FINJAN-QUALYS 419615
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 6 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 6 of 60
`
`Dear Evaluator,
`
`First, thank you for taking the time to evaluate Qualys Cloud Platform, an integrated suite
`of security and compliance applications. Today you must do everything to protect your
`network from the myriad of new threats, discovered almost every day, and meet
`compliance. Although you need to fully evaluate a solution for your enterprise time is not
`on your side. You need a solution now and your risk increases every day you wait. We have
`produced this Evaluator's Guide to help you use your time more efficiently
`
`Toward that end, we had several objectives for this document. One was for it to be
`reasonably concise. In addition, it had to be structured to enable you to apply the primary
`functions — mapping, scanning, reporting, remediation, and policy compliance — while
`offering you the option to explore deeper into sub-functions.
`
`The Evaluators Guide helps you test the product highlights without limiting your options,
`We urge you to apply Qualys to a network of your choice. That is the only way to get a true
`sense of its capabilities. For demonstration purposes, Qualys has an Internet facing
`network with a handful of IP addresses that you may want to scan first before scanning
`your chosen network. Please feel free to do that. We will be happy to provide you with the
`current IP addresses.
`
`At various steps in the Evaluator’s Guide, you will see procedures and screen shots designed
`to simplify every aspect from authentication to remediation Also there will be references
`to sections in the online help, which is available from every location in the user interface,
`for more details.
`
`One of the biggest hurdles in using an enterprise information security management
`solution is the installation and deployment. With Qualys, this is eliminated. You interact
`with the solution using a Web browser that allows you to log onto Qualys to start the
`mapping, scanning, reporting, remediation, and policy compliance processes.
`
`Should you have any questions during this process please contact your Qualys
`representative or Qualys Support at www.qualys.com/support/.
`
`Again, thank you for evaluating the Qualys Cloud Platfonn.
`
`Sincerely,
`
`Qualys, Inc.
`
`LG
`
`FINJAN-QUALYS 419616
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 7 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 7 of 60
`
`Getting Started
`Key Lr:_-a_ti.'_1'cs of the UL
`
`Getting Started
`
`All of your interactions with the Qualys solution will be through the Secure Internet
`Interface. After registration for the trial, you will receive an email with a secure link to a
`user name and password and login URL. This is a one-time-only link. Once you have
`connected to the Web page, neither you nor anyone else can do so a second time. This
`protects you in the event someone intercepts your email. Your login is fixed and assigned
`by Qualys. Your password is a randomly generated “strong” password to begin and you
`may change it at any time.
`
`To log in to the Qualys user interface, go to your account registration email and click the
`login URL link.
`
`Key Features of the UI
`
`Let’s take a quick look at the Qualys user interface and some of its key features.
`
`Security and Compliance Suite
`
`Our integrated suite of solutions is presented in a single View.
`Simply choose the solution you’re interested in from the
`module picker and get started right away. See an example of
`the picker to the right.
`
`Easy Navigation
`
`Once you’ve selected the application you want, you’ll see menu
`options across the top of the screen representing the main
`sections of the application. Each section provides workflows
`specific to the application.
`
`Dashboard
`Vulnerabiilies
`Pruittzsliun
`5cm:
`Reports
`Remediation
`Assets
`Knmvlesgeflase
`Lieu:
`‘
`
`‘-..-I-.-.-Iu|u-
`slur-tum”.
`.' '|.Iu--- I '|Ir|lll-'-
`.-'...|rIn-»-n-.-1|.nr-
`""pfl'l'l. :
`|-.1..
` w.
`
`man
`um v.11
`:- Mnlscan
`.
`lfl'l‘If‘P-‘EIDIII 1.11
`'.1i|‘-JIDZ-‘.EI-'l"l‘m
`
`
`Interactive Filters with Visual Feedback
`Use filters to change your data list View.
` mm
`-"-W:<1ul-E-
`Amman-re:
`. uni gr I
`-n-'|I-.-v.
`Annual“ 1 amu-
`.-:r. Arm '. -:-.'r
`q-L-m
`
`WV |.-‘._. at v
`HNIMMYMI
`
`
`My
`Willi
`
`
` Mr Sam
`arrow 1:
`‘1 2an Sean
`
`
`
`nlnammr. Sewn
`to: sm-
`
`‘o‘uaui-nwmmw
`. ‘fll'J‘Jli-I'JIIJ'UIED
` :Im Funnels“:
`
`ram-c Sui
`
`Hmmag stuns
`Baum sum
`
`
`omega 5.1!:
`Human suns
`
`
`mg», a...»
`
`
`
`VMDR
`
`I‘lfllfil'liiuu'lllili 55111.11?" I“
`_
`_ was
`“Mill? Leg:
`
`sat-gustateunsia- i=1 1-:
`
`_
`
`.
`.,
`...
`....“ :...,
`n unanimous erming
`|.. __....-._. ...
`p.-.- —.-7.-\
`“ canmursemrm
`final :wtecnun
`.-.-_J---_=-
`-|-- 41-
`1".-.-_‘ _.__.£__:\; -J!‘.'
`
`:-
`
`n mam-rm Ia:
`ennui“
`._.-_-=.c..,--:-_--'t-.; _-_---.;t=.-
`
`NJ
`
`Global a.- assmmemr;
`l.':*:1‘|_
`.n . 7.7;
`
`:.
`
`.77...
`
`g... ..\. .
`.
`_.
`n Patti) Mmeqemem
`bLLU‘dI! \' LI'LHhiiL‘Hb Ell
`Inulcatlon Mcamptmmse
`-...-..._.
`...
`I." .
`:-:.-
`
`IDL'
`
`nrrm mar ls;
`_ _
`Uut-cf-Bmdtonfigwaunn Assassins!“
`I._.II_I.E\
`I.
`~.
`.~-:-r -r1--‘..,t_..r.. .3.-._ _..-_-.‘...:
`
`Pulr‘l‘.’ Compliance
`Lc'-.-_ LL:‘.'. E:.'.."'-J‘ ' I-..'.i
`
`'. ’.:":I.' .-.
`
`ssnlenl muslin" Mm
`.. ---.- ----.-- .--.- l‘r-m-w
`
`fauna-«...:—
`
`
`.'.-.-;.-
`..--..
`.-!.
`-
`'l
`.l-
`" PEI [empliance
`It
`..
`I:
`.:|.\.-..
`n his Integrity Mumsorln;
`:Fhll‘dllllri :H-UH In' :El
`Web
`lmabouSum-I
`.
`it“...
`3?
`
`H'lsll‘flffi‘u‘lilfflJfll Il_|
`
`W.
`
`FINJAN-QUALYS 419617
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 8 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 8 of 60
`
`
`Getting Started
`Sic-y 1 r3:
`cs of the U;
`
`Customize Your View
`
`You can hide columns, change the sorting criteria and specify the number of rows to
`appear in each list. To do so, use the Tools menu above the list, on the right side.
`
`Ilznr:
`user
`m
`m
`If ”'7'”
`
`i.
`Emmi-nu.
`um 9M. -
`|
`iEZ‘.‘ W
`m
`V FEIIIEI‘CI
`1 am
`_'
`fimllyPnnVIf
`.1}. filial
`M Lbuwaa
`
`
`=amrx summer
`=EMO§|I1INI
`
`Eran-1580167165 mos
`fiend-3815331505556
`
`"Lu-mo
`nL'Z'h'Z‘JPD
`
`Actionable Menus
`
`make actions on a single item using the Quick Actions menu. Place your mouse cursor over
`the data list row to see the drop—down arrow. Then click the arrow to see the possible
`actions you can take. For example, view or download scan results for a finished scan.
`\I til-uIIIIu"
`hurl-hurl ".-‘
`" 'IIltmn I 'u-llk".
`Illi'llH-I-II .Ilu'.r
`‘4”..I'I II | l'.|
`.‘iullir
`
`-' . .n.~..n2..r1n1mw
`
`
`
`make actions on multiple items in a data list. Select the check box for each item in the data
`list your action applies to and then select an action from the Actions menu above the list.
`You’ll notice that the Actions button displays the number of items that you’ve selected.
`a'.|..|:I...-.u:-.
`: ::.|..... I
`'.. mm.
`a‘...n1I.-=.-.._.|.._...
`we“. |- l r--‘.".
`mm...
`
`
`
`
`
`.'
`-
`
`Cm
`on.“
`um
`
`'
`
`:
`
`..
`.
`Tn“?-
`n‘mn'u ’
`u mean mum
`
`
`Contextual Setup
`
`Setup options are available Where you need them. For example, setup options affecting
`scans and scan results appear on the Setup tab in the Scans section.This means you don’t
`have to leave the Scans section to setup your configurations or set global scan options.
`The setup options avail able to you depend on your service level and s ubscription settings
`"he ability to edit setup options is detennined by your role and permissions.
`
`'aLsur.
`'Zrhe-‘iuh'n'
`Ftp:- ar-‘es.
`"-rinot- "ran-‘v:
`.-\ifih.=r.Dr.ati.:--':
`'-ee'-'n UHF.
`
`
`Storage
`Excluded H0515
`Dlasoli. aule Agar-l
`PCI Accouul Links
`““5 "ll" ‘0") will on?“ H.991! WI IEGII'” 0 WI!
`Can-1n": J WM me WMII'I” I‘M wanna II)‘
`”WM-Ml I|5| EVER)" I' niamchw-I 80-653
`MN Illll ll: [’6' WWIM'UNEMKSWNE ”Cl
`MIR
`fllilllm
`Mllmlanttnflm .1le Hum
`“Jr-I IN
`
`
`
`Scheduled Scans
`In." Rfllllllllfl MM.“
`
`Agentless Tracking
`«up: Age-mu inning... mama mum. noul
`tumult)
`
`Scanner Tmsted CA
`tame a tamm (mu. nluuwn writeup
`“:le
`
`DMS Tracking
`inseam-:- 'rwm: wrmls wre- mr n.1-
`...-nmm-uww
`
`D- )
`an I
`30 ]
`:lr. l
`
`
`
`
`'3
`
`FINJAN-QUALYS 419618
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 9 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 9 of 60
`
`Getting Started
`A nicount 532:? :1
`
`Account Setup
`
`Now that you're familiar with the user interface, let’s perform a few key tasks to setup
`your account. You'll need to install your scanner appliance, add domains for mapping,
`and add hosts (IP addresses) for scanning. We’ll also look at how you can organize your
`assets and users.
`
`Installing Your Scanner Appliance
`
`By installing a scanner appliance within your network, you will have the ability to do
`vulnerability assessments for your entire network. We offer both physical appliances and
`virtual appliances for ease of integration with your network environment. The scanner
`appliance features a hardened OS kernel, is highly secure, and stores no data. It’s
`recommended best practice that you create dedicated user accounts for installing scanner
`appliances, so that changes in account status do not affect scanner appliance availability.
`For the purpose of this review, you will simply install your scanner appliance using the
`same login and password you are currently using. Go to VMNMDR > Scans > Appliances
`to set up a 14 day trial of Qualys Virtual Scanner.
`
`Creating Network Domains
`
`Qualys uses a domains concept for its network mapping process. “Domain” in this context
`is our name for a DNS entry, for a netblock, or for a combination.
`
`To create such a domain, you select‘‘”Assets on the top menu and then select the
`
`
`“Domains" tab. Go to New > Domains. Here you will specify a domain or a netblock of iPs.
`
`Once you have typed them into the New Domains pop— up, click‘‘".Add A notice will appear
`reminding you that you must have permission to discover (map) the specified domains
`and netblocks. Click “OK”. You will be returned to the domains list, and the added
`domains will now be shown.
`
`When specifying domains, you may add existing registered domain names recognizable by
`DNS servers on your network, such as “mycompanycom”. Also you have the option to add
`a domain called “none" with netblocks (one or more IP addresses and IP ranges).
`
`Qualys provides a demo domain called “qualys—test.com" for network mapping. This
`domain may already be in your account. If not you can add it yourself. Note that the
`devices in the demo domain reside in Qualys Security Operations Centers, so the Qualys
`Internet scanners can be used for mapping this domain.
`
`Adding Hosts for Scanning
`
`The service supports network scanning and compliance scanning. Host assets are the IP
`addresses in your account that may be used as scan targets.
`
`In preparation for network scanning, you need to tell us which IP addresses and/or ranges
`you wish to scan. Select "Assets" on the top menu and then select the “Host Assets" tab.
`Go to New :> [P Tracked Hosts.
`
`FINJAN-QUALYS 419619
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 10 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 10 of 60
`
`Getting Started
`IIII.'.'-1it1'u3Lii:’.;7-, A}:
`1-; to A3 :. ct;-
`
`The New Hosts page will appear. In the section titled “Host IPs" enter the IPs for which you
`have permission to scan. You'll see the check box “Add to Policy Compliance Module” if
`the compliance module is enabled for your subscription. Select this check box ifyou want
`the new IPs to also be available for compliance scanning. At the bottom of the page, click
`the “Add" button. A notice appears asking you to verify that you are authorized to scan the
`IP addresses being added. Select “OK." The host assets list will now return to your display,
`and the newly added hosts will be added to the list.
`
`How can I discover hosts?
`
`You can discover the devices on your network starting from a domain or netblock. Then
`add the IPs to your account using the workflow from the Map Results report.
`
`Tell me about tracking hosts by DNS and NetBIOS.
`
`You’ll notice that you have the option to add hosts tracked by DNS and NetBIOS
`hostname, which allows for reporting host scan results in dynamic networking
`environments. For example, you may want to use DNS or NetBIOS hostname tracking if
`
`the hosts on your network are assigned IP addresses dynamically through DHCR
`
`Tell me about support for virtual hosts.
`
`A virtual host is a single machine that acts like multiple systems, hosting more than one
`domain. For example, an ISP could use one server with IP address 194531091 to host two
`Web sites on the same port: www.merchantAcom and www.merchanthom. To ensure
`that the scanning service analyzes all domains when the host is scanned, set up a virtual
`host configuration for this IP address and specify the port and fully—qualified domain
`names. Select the "Virtual Hosts" tab under "Assets". Then go to New > Virtual Host to
`create a new virtual host configuration.
`
`Controlling Access to Assets
`
`You can control user access to assets (scanner appliances, domains and hosts) by
`organizing them into user-defined asset groups and then assigning these groups to users.
`This is how you limit users to certain assets in the subscription.
`
`Select “Asset Groups" under "Assets" to view your asset groups. Go to New > Asset Group
`to add a new asset group. Asset grouping offers great flexibility, allowing you to assign
`assets to multiple asset groups.
`
`.|I
`
`WUF
`
`V
`
`Rfinons Remetliahnn- rm'iaigeflase Users;l
`Flammam Vulrsmmlma'
`Prinrl-zantn
`Soar-
`p
`-'-.-_‘..
`-.-.....«..-r
`:-u.-...-. -m.-.-
`arms-n-
`'.-.r;.n.1m.—...-.
`.-.-
` nus
`
`I
`
`. {Pa
`mill-JR. ll lulu'w
`.161
`m:'|:._'.|. m :9 5532
`.26?
`.
`
`
`Ems
`
`To view infonnation associated with an asset group, click anywhere in the data list row for
`the group you’re interested in, then click the down arrow B that appears in the row to see
`the Quick Actions menu. Select "Info” from the Quick Actions menu.
`
`Ml
`
`FINJAN-QUALYS 419620
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 11 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 11 of 60
`
`Getting Started
`'....' F- _-1 -.‘-Jl&.11<1§|2'111r3117
`
`You may wish to go one step further and organize asset groups into business units. This
`allows you to grant management responsibilities to dedicated Unit Managers. Unit
`Managers are tasked with overseeing assets and users within their respective business
`units. Business Units are managed in the “Users” section.
`
`Following is a typical example of how an enterprise might segregate their assets into user—
`defined business units:
`
`1. Start wllh all name In
`the submiptim.
`
`2. Spllt assets Into
`logical asset gmups.
`
`
`
`
`
`
` Sunscripaon Assess
`IP5:1¢.1D.10.1-10.1 0.10255. H.41.i34.59fl41.134_61
`Domini: mllyfilflll cam. mlyluml
`Scmner Applimea: ca_smner. nmeImel. fr_mnner. de_sumnl:1'
`
`
`
`
`
`
`Mu! Group c-ufornll
`Aunt mup New York
`”III Group Francs
`mat Gmup Germany
`
`
`
`10.1 0.10.1 -1 0.10.1130
`10.10.10.61-101 0.10 130
`10.10.10.131.10.10.10.1N
`10.1 0.10 .181-10.1D.10355
`
`
`su1.134.53—ad.41.134m
`Wanna
`qualysnam
`Min-com
`clLI-EI‘IM
`
`
`
`
`ny_ur:nmar
`"Jamar
`GQ_|CIDM1'
`
`
`
`
`
`
`
`
` Business Unfl USA
`Buglnm mm Europe
`California
`Frunm
`
`New York
`
`Germany
`
`
`
`3. (Dmlonal) Organize
`asset group: into
`business units.
`
`
`
`
`
`User Management
`
`User management capabilities allow you to add multiple users with varying roles and
`privileges. Each user is assigned a pre-defined user role which determines what actions
`the user can take. The most privileged users are Managers — they have full privileges and
`access to all assets in the subscription.
`
`Managers and Unit Managers have the ability to manage assets and users. Managers have
`management authority for the subscription, while Unit Managers have management
`authority on an assigned business unit only.
`
`Scanners and Readers have limited rights on their assigned assets. Scanners can launch
`scans and run reports. Readers can run reports.
`
`Auditors have compliance management privileges. Auditors cannot run compliance scans,
`however they can define policies and run compliance reports. Auditors only have visibility
`into compliance data (not vulnerability data). This role is available when PC is enabled for
`the subscription.
`
`FINJAN-QUALYS 419621
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 12 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 12 of 60
`
`Getting Started
`'....' _-1 315.115.9211] on?
`
`A Remediation User has limited access to the UI and can access only remediation tickets
`and the vulnerability knowledgebase. Remediation users do not have any scanning or
`reporting privileges. A Manager can assign Business Unit and Asset Groups and also
`tickets generated by policy rules for assets (asset groups) to the Remediation User.
`
`A KnowledgeBase Only user has limited access to the UI. They can send and receive
`vulnerability notifications and vievvr vulnerabilities in the KnowledgeBase. (This role is only
`available when this feature is enabled for your subscription. Only a Manager can assign
`this role.)
`
`A User Administrator user will only have access to users, assets groups, business units
`and distribution groups. Users with this role can create and edit all types of users, except
`other User Administrators. They can edit and delete Manager users as long as there is at
`least one Manager account remaining in the subscription. That means the User
`Administrator cannot delete the last Manager account and cannot change the role for the
`last Manager account. The User Administrator does not have permission to delete
`business units, distribution groups, or asset groups.
`
`Contacts have one permission only - to receive scan email notifications.
`
`A typical deployment will have multiple users with multiple business units as depicted in
`the following chart:
`
`
`
` John Ll:
`I'Imauet (‘1
`lunaw
`AI 8886.5
`AI assets
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`The Qualys solution provides great flexibility in defining users, asset groups, and business
`units to reflect the organizational structure and business requirements for the enterprise.
`
`Note: For Express Lite accounts, you can add a total of 3 Manager users (no other user
`roles are available), and Business Units are not available.
`
`FINJAN-QUALYS 419622
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 13 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 13 of 60
`
`Getting Started
`L? 5 er Management
`
`Adding Users
`
`On the top menul select "Users". Then go to New > User. You can add users to your
`account, assign them roles, and associate them with business units.
`
`IIMIIIR
`i
`
`Remusdmlmn Assets Knowlmgaflass.
`Rayon;
`Scans
`Pinonmmn
`Vuinalaminlus
`Dashboard
`LIL-INJNIFm rims-:1
`
`
`Bulifllu Uri
`‘. Boll
`51H
`Eumnu
`9mm
`Ham Sign
`Eulooe
`L;Iul manage
`MM K069! -
`unaulgne:
`Mums
`me almlr -
`
`
`In the “General Information” section the account creator provides general user
`information like the user’s name, business title, and contact information.
`
`
`'iwn Bmoe Farm-1r
`52’“ M
`
`'ueowood (tr
`unun men of mam
`, uIn-m:
`Imus
`
`'
`
`rum-m l
`"Hum 1
`
`on.“
`ommrr '
`.
`km
`’JF‘Couo.
`gum H:
`
`(am-m
`Till! ‘
`Phonl '
`“9
`2 :1- Hail 2:5 ‘
`a.
`.
`
`-
`
`melg Inn
`|r Mama:
`'
`till Wt 01.0“
`
`-
`m-tmmmum
`
`Um aqua
`UserRol!
`-
`Almwaccessw
`Elminnssnr‘l"
`
`' ”twang.
`I7 GUI
`:— IFI
`. w.“ (m,
`
`.'.--|||'I.I:lIHI-II'I.inI.|1I
`General Infonnalion
` fimIEume '
`5d
`um um
`LuslelE. -
`mans
`
`Ame-nun
`wanna
`tum-a
`sum
`
`_Jm“-
`
`NEW UE-EI'
`
`
`”WWW“
`
`Go to “Permissions" to assign permissions to the user. Different pennissions appear for
`different user roles. The example below is for a Unit Manager role.
`
`‘10
`
`FINJAN-QUALYS 419623
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 14 of 60
`Case 4:18-cv-07229—YGR
`Document 194-5 Filed 05/04/21 Page 14 of 60
`
`Getting Started
`User Management
`
`Emu FWIQBP
`ulwms usol hawk-m aw haw-"g adwn:
`:I; ”mallow maul.
`7! t-maswunvemmnnon mum
`E alumni-mm hfli'fi
`.' - and um
`7 Grape wnnn WWII!“
`ulue nnal illrulnullnnmislnn
`. cum Iufiionlluiunrmmwlun:
`Mi’iW- PI: mun»
`' imnmmuemwons
`_ Cwmdn commune! wllclu
`5:121: us El Dailed :nnlrali
`. UBdiWDII' Ulorfiwilw GWIWII
`_ Immune-”n awnmms
`_ cnaan wan aounmona
`12' Man. vmal luv-III um.
`" "mane dullne swnpranullencn
`
`iDallrLrnulle ml: undue!
`
`Naflfluflw Options
`The Mllnwlng ulecuanswn configure Men lnl! mermll Mame mnnnnms m null: um Manner MII
`rename Inem In:
`lanai Calllrdm
`Mum:
`Mummy weelllr
`um Umaarfinm
`dweelnr nail, slime
`sal- (minimum-tum:
`I! On -_ m
`Sail Sllmmirl Hullfimuon EWIWIIUIVmIIi DIM:
`I on -. DI
`“I’m“
`g nn _. DI
`meulhlr.
`-
`Ni manna " MINWrIiao Nu mullahs"
`Hm Nmmn:
`My imam No nonam'nn
`marlinmwmaa:
`fl eunmrlwlmu hum-“Inna
`mnlmml:
`_-
`
`Now go to “Security” and you can select VIP two-factor authentication for the user, or
`enable SAML 880 for the user [when this option is enabled for your subscription). If both
`options are turned on, VIP will be ignored and SAML 830 will be. used. (Tip: Managers can
`require VeriSign VIP or SAML 880 for all users by going to Users > Setup. For VeriSign VIP.
`select Security. For SAML 880, select SAML 880 Setup.)
`
`NEW User
`
`M35!" loam We» MP!
`Li.“W
`H we Mir-Puma aumamcallwl
`I'Jnte Tris ncmun annulus mF Mu-ramrammunon In LEeiE In lulu-run Dunn's UIJI ms
`“mug unpam Ul am: out;
`
`yum-n
`Idmflll
`lullcllon
`
`‘JJ Enanle ML 33::
`
`am 380
`
`ll
`
`FINJAN-QUALYS 419624
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 15 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 15 of 60
`
`Getting Started
`'...3 .-’- or Eviairaf-JZ-inon?
`
`About SAML 550
`
`When SAML SSC) is activated for a user account, the user will no longer log in to the
`service using their service credentials. Instead, users will click a link to enter a username
`and password to authenticate to their identity provider (IdP). Upon successful
`authentication, the IdP redirects to the service‘s Assertion Consumer Service URL, the
`service validates the contents of the response, resolves the usemarnes and starts the
`user’s session.
`
`The account must have these settings:
`
`1) SAML SSO must be enabled for your subscription by support or your account manager.
`
`2) The New Data Security Model must be accepted for the subscription. A Manager can opt
`in by going to Users > Setup > Security.
`
`How to enable SAML $50 for all new users
`
`Managers can go to Users > Setup > SAML 550 Setup and select the option “Enable SAME
`SSC) for new users".
`
`How to enable SAML 550 for select users
`
`Go to Users > Users and edit the user‘s account. You'll see the SAML SSO option in the
`Security section.
`
`About VeriSign VIP Support
`
`When VIP is enabled for a user, the user completes a two-part process to log in to our user
`interface. The user will enter login credentials (login name and password) followed by VIP
`credentials (VIP credential ID and one-time security code).
`
`Note — VIP two factor authentication impacts UI access only (not API access).
`
`How to enable VIP authentication for all new users
`
`Managers can go to Users > Setup > Security and select the option “Require VIP two—factor
`authentication for all users".
`
`How to enable VIP authentication for select users
`
`If not enabled globally, a Manager can enable VIP authentication individually for specific
`users. Go to Users > User Accounts and edit the account you’re interested in. Then select
`the option “VIP two-factor authentication” under Security.
`
`How to enable VIP authentication for yourself
`
`All users with login privileges can opt in for VIP authentication by registering their own
`VIP credential with our security service. Edit your own user account, go to the Security
`section and register your credential.
`
`I don’t have a VIP credential. How do I get one“?I
`
`You can get a credential from the VeriSign Identity Protection Center at:
`hIt‘ps:X/idprotect.vipsyrnanrec-torn or https:X/vipsyrrranteccsorn. Each VIP credential
`bears a credential ID and allows the user to generate one-time security codes as needed.
`
`'I
`
`:2
`
`FINJAN-QUALYS 419625
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 16 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 16 of 60
`
`Getting Started
`{Lor_tr:::-'_ii::g 1.? ::cr Access To Equine
`
`Controlling User Access to Apps
`
`You can grant a user’s account access to various apps on our Cloud Security Platform.
`
`Grant access to VM, PC, SCA
`
`(Managers) Edit a sub—user's account to grant access to these apps: VM, PC, SCA. Select
`“Manage VM module" to grant access to VM, "Manage PC module" to grant access to PC or
`“Manage SCA module” to grant access to SCA. Only apps enabled in your subscription are
`available, Clear any of these options to take away access,
`Eml U581
`
`Guam imam
`Ext-rum Plrrniuhnl
`Locale
`IJI-r Ham
`
`Note - Depending on the
`user’s role you may see
`additional permissions
`for each app.
`
`J gar-m '1'“ WWI!
`elE'J‘t'WflW-WIIIIII Mllr.
`
`
`
`
`ncl norm-
`xfierdeh‘dE
`um blfinld Car-ca:
`
`
`
`Grant access to other apps on our Cloud Security Platform
`
`(Managers) Use the Administration utility (last option in the app picker) to View and
`manage users and grant access to applications like WAS, WAF, CA, CM, SAQ, etc. On the
`User Management tab you’ll see the apps each user has access to. Access is role based.
`Adrnlnlsuutlm.
`y
`then
`nut-nu L-jg
`
` E ”52' Mafia‘uln‘ml use: Marxism-rm
`
`
`
`Userslzneyeom m rm,
`
`
` Total active users 100%
`
`._
`.
`
`- tum.
`
`- mm
`
`M»...
`
`imm-
`
`Emu
`
`. “M
`-" ”mm-MM,” ...
`ll
`rim-c... m.<.-_ .1l:
`rm”
`
`mun-um-
`:9"!
`a-fl-j-x-
`unann— cw-
`
`“'-
`
`K"
`.1,
`
`‘1'%
`
`FINJAN-QUALYS 419626
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 17 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 17 of 60
`
`Getting Started
`1': \_ n: '_-:o'-\I.-' lac-err;
`
`Go to Users > Role Management to View, create, edit roles with various permissions and
`access.
`rminhruion
`Us.“
`Ashen mg
`
`In
`
` E I.l.=.er Manager-lent
`
`9%
`-
`
`:1
`
`mm
`ll
`a
`
`mm
`
`Ion! Inod ml“
`-:
`.I
`
`—.
`
`a. I ------
`_ Im—
`_ HEADER
`3c
`.0
`
`um taxman
`
`A mum
`inn-Dalrun-
`can»! w-
`
`|lnl mug-run-
`
`You’re Now Ready
`
`At this point, you should have successfully obtained authorization, logged in, created
`domains for mapping, added hosts for scanning, and are ready to begin mapping and
`scanning. If any of the preceding steps failed to provide results similar to those in this
`setup section, please email or call Qualys Support before continuing. The sections to
`follow walk you through the primary functions of the Qualys solution, including mapping,
`scanning, reporting and remediation.
`
`‘1 -’l
`
`FINJAN-QUALYS 419627
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 18 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 18 of 60
`
`Mapping Your Network
`Running, a Map
`
`Mapping Your Network
`
`Before you can map a portion of your network, you have to tell us how you would like it to
`perform that mapping. This is called a “Network Map Profile."
`
`Under Scans, select the “Option Profiles” tab, and then go to New > Option Profile. A New
`Option Profile page will open. Give the new profile a title, such as “Network A Map”.
`
`Go to the “Map” section of the option profile. Scroll down to the Options section and make
`sure the ”Perform Live Host Sweep" option is selected. This option will allow you to map a
`domain and identify hosts in the netblock. If you’re mapping an internal domain or
`internal lPs, then scroll up and select the option “Netblock Hosts only" for basic
`information gathering. Feel free later to try different selections for your map profile, but
`for now, select the “Save” button to save the option profile.
`
`Running a Map
`
`Now you’re ready to run your first map. Select the “Maps" tab in the “Scans” section. The
`maps list appears. Go to New > Map.
`
`WDR
`v
`Dashboard Wir‘arsba'iiilas
`
`Friorfantlon
`
`Suns
`
`Reports
`
`Ramedueicn
`
`Assets
`
`K1owe-dgafiasa
`
`Users
`
`
`
`Tine
`
`| In
`
`I
`
`mm Iflel
`rm_
`‘lwnao Ems-n nation-o «to "re“. Flaasemmr. MI lean on auIILlli men
`
`Jonah l'rtiric.‘
`
`“Ll.r|'.‘i|-'.|'Z-J|'l".-‘l'-
`
`:~.-..irr_'r' IJslII.
`
`._‘I.'!u-..
`
`
`
`The Launch Map pop—up appears, as shown below.
`
` mum. Map
`Enter the name "First Map" in
`.
`the “Title" field and select your
`1......mmm,”stamimta
`new map profile (eg. “Network
`Qumrallnfnrmanun
`:.W”.....°°““‘“*"““““‘““““’“°‘5‘“ A Map”) from the “Option
`hm.
`Ffil V-E
`Profile" menu.
`wr'lm Prim
`menu. a. m:
`I
`L'
`'.'lrl'
`
`The “Scanner Appliance" menu
`appears when your account
`includes a scanner appliance.
`When present, select the name
`of your scanner (required for
`mapping private use internal
`[P5) or External for external
`scanners.
`
`‘1 G
`
`FINJAN-QUALYS 419628
`
`
`
`Thrwl Domain:
`
`wasmuss
`Mam
`W...“
`as“ mm.-
`- P-
`“H“ “mm"
`
`. 1%
`
`"1'“
`
`Nwflcauon
`
`
`. .W
`
`M... _am._r_'
`
`

`

`Case 4:18-cv-07229-YGR Document 194-5 Filed 05/04/21 Page 19 of 60
`Case 4:18-cv-07229—YGR Document 194-5 Filed 05/04/21 Page 19 of 60
`
`Mapping Your Network
`Mail Liars-4J5
`
`
`In the “IDomains/Netblocks” field, enter the domain you already added or click the “Select"
`link to choose a domain from a list of domains in your account. In the example shown, the
`domain “qualys-testcom” is selected. (You can also map IP addresses and asset groups.
`See Map "i”a; gets to learn more.) Select “Launch” to start the map.
`
`The maps list is refreshed and your new map is shown with the status “Running". When
`the mapping is complete, the status changes to "Finished." Also, the Qualys service will
`send you a map summary email to the address with which you registered when the map
`summary notification option is enabled in your account.
`
`\illllDR
`
`v
`
`'
`
`'-
`
`.
`
`If
`
`Heinv
`
`Patrick 56mm :cuumis. v
`
`Lmnul
`
`Bast-bread
`
`Vuiearehullias
`
`Priorii'afitmn
`
`Scans
`
`Reports
`
`Remediation
`
`Awash
`
`Knrmhadgaflase
`
`Users
`
` ma
`
`Fllil “in
`
`Timon
`ULi