Qualys Vulnerability Management

Qualys Vulnerability Management, with its Detection and Response, enables organizations to automatically discover every asset in their environment, including unmanaged assets appearing on the network, inventory all hardware and software, and classify and tag critical assets.

Integration Method: API

Tables: Security Finding, Detection Finding

Qualys Configuration

To use the Qualys API, you need a user with access to the API with basic authentication. Credentials for the API user will be a username and password.

1. Login to your Qualys Dashboard.

   

2. Navigate to the USERS tab.

3. Create a new user using the New dropdown on the “USERS" page.

4. Fill in the necessary data in the general information tab and make sure we have allowed the access to API in the user role tab.

   

5. Once the details are filled, click the Save button. You will see the new user created with a pending activation status.

6. An activation link will be sent to the API user’s email. The link will contain credentials. Once we log in to the dashboard with this credential and complete the registration for the new user, the user will be in active status, and we will be able to use the API using basic authentication: username and password.

   

DataBee Configuration

Use the API user credentials. Detailed setup documentation can be found at API Ingest.

1. Go to the DataBee console and add a new data source.

   

2. Select Qualys Vulnerability Management.

   

3. Click on the API Ingest button.

   

4. While configuring data source in DataBee UI, select the Basic option from the ‘Authorization Method’ dropdown. Provide the above API user credentials.

   

Use the following API URL: https://<domain>/api/2.0/fo/asset/host/vm/detection/ and replace<domain>with your organization tenant information.