- 25 Mar 2025
- 2 Minutes to read
- Print
- DarkLight
Qualys Vulnerability Management
- Updated on 25 Mar 2025
- 2 Minutes to read
- Print
- DarkLight
Qualys vulnerability management software helps you measure known and unknown risks, prioritize, and communicate risk across vulnerabilities, and patch any device anywhere. For more information, please refer to Qualys documentation.
Integration Method: API
Tables: Vulnerability Finding (2002), Device Inventory Info (5002)
This integration supports the following events.
Event | Description |
---|---|
Host Detections | Retrieves list of detection. |
Hosts | Retrieves list of hosts in organization. |
This integration supports the following versions.
Qualys VM API version | 2.0 |
Prerequisites
Access to Qualys dashboard with manager level access.
Access to the DataBee Console.
Configuration Overview
Generate an API token with the required permissions.
Add the Qualys VM in the DataBee console with the below parameters.
DataBee Parameter
Qualys Policy compliance Parameter
Username
Username
Password
Password
Qualys Configuration
Sign in to the Qualys Dashboard.
Navigate to the Users tab.
Create a new user using the Users > New > User dropdown on the user page.
Fill in the necessary data in the General Information tab. Then Click on User Role.
In the “User Role” tab, fill in the role details and make sure we have allowed access to both API and GUI.
User Role – Manager
Allow access in – GUI, API
Note:
Permissions mentioned here are the minimum requirement for the data feed.
Keep the Locale, Options, and Security settings as they are and click Save. The new user will be created with a Pending Activation status. Also, an activation link will be sent to the email added in the General Information.
You will receive an email. Store the ‘Platform URL’ securely as it’ll be needed to configure data source later. Click on Activate Your Account.
Enter the OTP Code received in email and click on Submit.
You will get the information below, copy the password, and click on the URL. Login with a given username and password.
When you login with a new username and password for the first time, you will redirect to the verification page, verify your information and click on Save.
It will redirect to the “Change Password” window, the user can set a new password and login, the user will be in active status. We will use the username and password.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for the Qualys Vulnerability Management and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
Authorization Method: Basic
API Base URL: replace API Base URL with the URL copied before from email.
Username: paste the Username generated earlier in email.
Password: paste the Password of the account that was set up earlier.
Event Types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
Ensure that username and password are correct.
Ensure that the user has a manager role.
If you are unable to login with the temporary password, make sure you have given UI Permission to the user.