Qualys Vulnerability Management Connector Guide

Summary: How to set up and use the Qualys Vulnerability Management connector in Ivanti Neurons RBVM/ASPM/VULN KB.

Overview

Qualys Vulnerability Management provides asset discovery and vulnerability assessment for on-premises and cloud environments. The Ivanti Neurons RBVM/ASPM/VULN KB platform supports client connector configurations to provide a scheduled upload of Qualys network scan information. When viewing the Neurons RBVM/ASPM/VULN KB Integrations page, it records and displays the last time data from the Qualys connector was uploaded.

When data is pulled from a specific scanner connector, it uploads the last 30 days of scan data into the Neurons RBVM/ASPM/VULN KB platform. This is a default setting that cannot be adjusted. Once the data has been pulled, it is automatically added to the default group. As a reminder, if the data already exists in the platform, it will automatically be moved to the specific group.

Qualys User Permissions

A Qualys user can be assigned to one or more roles, which consolidate permissions that represent the rights to access features and functions. API Access can be given to a user when assigning or editing their role.

Locate Users in the navigation bar and either create or edit an existing user. In the pop-up window, select a User Role. Then, select or deselect the API checkbox. Click Save.

Qualys Vuln Management - User Permissions

Connector Setup

To set up the Qualys Vulnerability Management connector, navigate to the Automate > Integrations page.

Navigation - Automation - Integrations

Using the search bar in the upper-right corner of the Integrations page, type Qualys to find the connector.

Qualys Vuln Connector - Searching for Qualys Integration

Locate the Qualys Vulnerability card on the page and click Configuration.

Qualys Vuln Connector - Configuration Button Location

Enter a connector name, the specific Qualys Cloud instance URL, credentials for the Qualys user, and choose an existing network to associate the Qualys data with in the Neurons RBVM/ASPM/VULN KB platform. You can also add an optional SSL certificate. Click Test Credentials to verify the credentials are correct and have access to make API calls to the Qualys Vulnerability Management instance.

Qualys Vuln Connector - Connector Configuration

Configure the desired schedule for the connector to retrieve results from the Qualys instance, optionally turn on Enable auto URBA (Update Remediation by Assessment), include the report name prefix to pull, and click Save to create the connector.

Qualys Vuln Connector - Schedule and Connector Specific Options

A new card for the Qualys connector appears at the top of the Integrations page.

Qualys Vuln Connector - Currently Configured Integrations

This connector runs once the initial setup is complete. Click the History button to check the connector’s status.

Qualys Vuln Connector - History Button Location

Qualys Vuln Connector - Connector History

Clicking the Sync (Connector - Sync - Small) button pulls connector files from Qualys on demand. Clicking the Edit (Connector - Edit - Small) button allows you to modify the connector. Clicking the Delete (Connector - Delete - Small) button deletes the connector.

Qualys Vuln Connector - Sync Edit and Delete Button Locations