Qualys Vulnerability Scanner

  • Published on Sep 26, 2025
  • 2 minute(s) read
Prev Next

Qualys vulnerability management software helps you measure known and unknown risks, prioritize, and communicate risk across vulnerabilities, and patch any device anywhere. For more information, please refer to Qualys documentation.

Integration Method: API

Tables: Vulnerability Finding (2002), Device Inventory Info (5001)

This integration supports the following events.

Event

Description

Vulnerable Host

Retrieves list of detections with their asset name

Assets

Retrieves list of asset details

This integration supports the following versions.

Qualys VM API version

2.0

Prerequisites

  • Access to Qualys dashboard with manager level access

  • Access to the DataBee Console

Configuration Overview

  1. Create API credentials on the Qualys dashboard with required permissions.

    1. Create a user with the required permissions

  2. Add the Qualys VM data feed in the DataBee console with the below parameters.

    DataBee Parameter

    Qualys Vulnerability Management Parameter

    Username

    Username

    Password

    Password

Qualys Configuration

  1. Sign in to the Qualys Dashboard.

  2. Navigate to the Users tab.

  3. Create a new user using the Users > New > User dropdown on the user page.

  4. Fill in the necessary data in the General Information tab. Then click on User Role.

  5. In the User Role tab, fill in the role details and make sure we have allowed access to both API and GUI.

    1. User Role – Manager

    2. Allow access in – GUI, API

    Note:

    Permissions mentioned here are the minimum requirement for the data feed.

  6. Keep the Locale, Options, and Security settings as they are and click Save. The new user will be created with a Pending Activation status. Also, an activation link will be sent to the email added in the General Information.

  7. You will receive an email. Store the Platform URL securely as it’ll be needed to configure data source later. Click on Activate Your Account.

  8. Enter the OTP Code received in email and click on Submit.

  9. You will get the information below, copy the password, and click on the URL. Login with the given username and password.

  10. When you login with a new username and password for the first time, you will redirect to the verification page, verify your information and click on Save.

  11. It will redirect to the “Change Password” window. The user can set a new password and login. The user will be in active status. We will use the username and password to configure the API integration.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.

  2. Search for the Qualys Vulnerability Management and click it as shown below.

  3. Click on the API Ingest option for collection method.

  4. Enter feed contact information and click Next.

  5. In the configuration page, confirm the following:

    • Authorization Method: Basic

    • API Base URL: Replace API Base URL with the URL copied before from email. Refer to this document: Qualys Platform Identification

    • Username: Paste the Username generated earlier in email.

    • Password: Paste the Password of the account that was set up earlier.

    • Event Types: Preselected for all the event types that integration pulls.

    • Additional Vulnerability Type: Preselected for all vulnerabilities pulled by the integration. Users can include or exclude these types as required.

  6. Click Submit.

Troubleshooting Tips

  • Ensure that username and password are correct.

  • Ensure that the user has a manager role.

  • If you are unable to login with the temporary password, make sure you have given UI Permission to the User.