Qualys vulnerability management software helps you measure known and unknown risks, prioritize, and communicate risk across vulnerabilities, and patch any device anywhere. For more information, please refer to Qualys documentation.

Integration Method: API

Tables: Vulnerability Finding (2002), Device Inventory Info (5002)

This integration supports the following events.

This integration supports the following versions.

Prerequisites

• Access to Qualys dashboard with manager with full scope.

• Access to the DataBee Console.

• Asset must be part of an asset group to retrieve their vulnerabilities.

Configuration Overview

1. Create API credentials on the Qualys dashboard with required permissions.

   1. Create a user with the required permissions.

2. Add the Qualys VM feed in the DataBee console with the below parameters.

   DataBee Parameter	Qualys VM Report Parameter
   Username	Username
   Password	Password

Qualys Configuration

Create User

1. Sign in to the Qualys Dashboard.
    

2. Navigate to the Users tab.
    

3. Create a new user using the Users > New > User dropdown on the user page.
    

4. Fill in the required data in the “General Information” tab. Then Click on User Role.
    

5. In the “User Role” tab, fill in the role details and make sure we have allowed access to both API and GUI.

   1. User Role – Manager

   2. Allow access in – GUI, API

   3. Keep the Locale, Options, and Security settings as they are and click Save.

   Note:

   Permissions mentioned here are the minimum requirements for the data feed.

    

6. The new user will be created with a Pending Activation Status. An activation link will be sent via email.

    

7. You will receive an email. Store the Platform URL securely as it’ll be required to configure data source later. Click on Activate Your Account.
    

8. Enter the OTP Code received in email and click Submit.
    

9. You will get the information below, copy the password, and click on the URL. Login with the given username and password.
    

10. When you login with a new username and password for the first time, you will redirect to the verification page, verify your information, and click Save.
     

11. It will redirect to the “Change Password” window, the user can set a new password and login, and the user will be in active status. We will use the username and password to configure the API integration.
     

DataBee Configuration

1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
    

2. Search for the Qualys VM Report and click on it as shown below.
    

3. Click on the API Ingest option for collection method.
    

4. Enter feed contact information and click Next.
    

5. In the configuration page, confirm the following:

   • Authorization Method: Basic

   • API Base URL: Identify the API base URL from your platform URL. Refer to this document to identify your base URL

   • Username: paste the Username generated earlier in email.

   • Password: paste the Password of the account that was set up earlier.

   • Event Types: preselected for all the event types that integration pulls.

    

6. Click Submit.

Troubleshooting Tips

• Ensure that username and password are correct.

• Ensure that the user has a Manager role.

• If you are unable to login with the temporary password, make sure you have given UI Permission to the User

• If certain hosts are missing from the report, verify in the Qualys dashboard that those hosts are assigned to at least one asset group. Only assets associated with asset groups are included in the process.

• HTTP 400 Response Code – May include errors such as "The Report Share disk limit for the subscription has been reached" which indicates that the storage quota for saved reports or templates has been exceeded and unused items should be deleted to free up space.