Qualys Vulnerability KnowledgeBase

  • Published on Sep 26, 2025
  • 2 minute(s) read
Prev Next

The Qualys KnowledgeBase is a central repository of vulnerabilities, each identified by a unique QID (Qualys ID). It contains detailed information such as severity levels, affected software, solutions, and references. Qualys KnowledgeBase is a core component of Qualys Vulnerability Management (VM), which enables organizations to detect, assess, and manage vulnerabilities across their environments.

For more details, please refer to the official Qualys Documentation.

Integration Method: API

Tables: OSINT Inventory Info (5021)

This integration supports the following events.

Event

Description

Vulnerabilities

Retrieves list of vulnerabilities from Qualys KB

Prerequisites

  • Access to Qualys dashboard with manager with full scope

  • Access to the DataBee Console

Configuration Overview

  1. Create API credentials on the Qualys dashboard with required permissions.

    1. Create a user with the required permissions

  2. Add the Qualys Vuln KB in the DataBee console with the below parameters.

    DataBee Parameter

    Qualys Vuln KB Parameter

    Username

    Username

    Password

    Password

Qualys Configuration

Create User

  1. Sign in to the Qualys Dashboard.

  2. Navigate to the Users tab.

  3. Create a new user using the Users > New > User dropdown on the user page.

  4. Fill in the required data in the General Information tab. Then click on User Role.

  5. In the User Role tab, fill in the role details and make sure we have allowed access to both API and GUI.

    1. User Role – Manager

    2. Allow access in – GUI, API

    3. Keep the Locale, Options, and Security settings with default values and then click Save.

    Note:

    Permissions mentioned here are the minimum requirements for the data feed.

  6. The new user will be created with a Pending Activation Status. An activation link will be sent via email.

  7. You will receive an email. Store the Platform URL securely as it’ll be required to configure data source later. Click on Activate Your Account.

  8. Enter the OTP Code received in email and click Submit.

  9. You will get the information below, copy the password, and click on the URL. Login with the given username and password.

  10. When logging in with the new username and password for the first time, you will redirect to the verification page. Verify your information, and click Save.

  11. Change the password as requested. This will be the username and password to configure the API integration.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.

  2. Search for the Qualys Vulnerability KnowledgeBase and click on it as shown below.

  3. Click on the API Ingest option for collection method.

  4. Enter feed contact information and click Next.

  5. In the configuration page, confirm the following:

    • Authorization Method: Basic

    • API Base URL: Replace API Base URL with the URL copied before from email. Refer to this document: Qualys Platform Identification

    • Username: Paste the Username generated earlier in email.

    • Password: Paste the Password of the account that was set up earlier.

    • Event Types: Preselected for all the event types that integration pulls.

  6. Click Submit.

Troubleshooting Tips

  • Ensure that username and password are correct.

  • Ensure that the user has a Manager role.

  • If you are unable to login with the temporary password, make sure you have given UI Permission to the User.