Qualys Asset Connector Guide

How to set up and use the Qualys Asset connector in RiskSense.

Qualys Asset Connector Overview

Qualys is a cloud service that proactively locates and identifies vulnerabilities through automated scanning. RiskSense offers an API-based connector that integrates Qualys vulnerability information into the RiskSense platform for further prioritization and accessibility.

Qualys Asset Configuration

This setup requires an account with Qualys and access to the Asset View.

Qualys Asset User Permissions

A User can be assigned to one or more Roles, which are a consolidation of Permissions that represent the rights to access features and functions. API Access can be given to a User when assigning or editing their Role.

Locate Users in the Navigation Bar and either create or edit an existing user. In the pop-up window, select a User Role. Then select or deselect the API check box.

Qualys Asset Connector - Edit User in Qualys

Note: For more information, please visit Qualys.Community.

Connector Configuration in RiskSense

Setting Up the Qualys Asset Management Connector

Navigate to the Automation > Integrations page.

Navigation - Automation - Integrations

Using the search bar in the upper-right corner of the Integrations page, type Qualys to find the connector.

Qualys Asset Connector - Search for Qualys

Locate the Qualys Asset Inventory card under Asset Management and click Configuration.

Qualys Asset Connector - Configuration Button Location

In the new window under Connection, complete the required fields, as described below.

Qualys Asset Connector - Configuration Window

  • Name: The connector’s name.
  • URL: Qualys Asset URL (i.e., https://qualysapi.qg2.apps.qualys.com/)
  • User Name: The user name that has access to Qualys.
  • Password: The password associated with the username.
  • Network: RiskSense network name (ingested applications associated with this network).

Click Test Credentials to verify the credentials are correct and have access to make API calls to the Qualys Asset instance.

Qualys Asset Connector - Test Credentials

Note: If your Qualys Asset instance uses whitelisting, contact RiskSense Support to obtain the whitelisting IPs.

Configure the desired schedule for the connector to retrieve results from the Qualys Asset instance and optionally turn on Enable auto URBA (Update Remediation by Assessment).

Qualys Asset Connector - Schedule and Connector Specific Options

Click Save to create the connector. Once saved, the connector is now visible on the Integrations page under Currently Configured Integrations.

Qualys Asset Connector - Configured Connector

On the Settings > Uploads page, Qualys Asset data is parsed from the scan file and displayed on the Hosts page.

Qualys Asset Data Mapping in RiskSense

The Scanner Name associated with these scans is QUALYS, which can be used as a filter in the Hosts view in RiskSense.

Hosts Page

Host data extracted from the Qualys Asset scan file is shown on the Hosts page under the Asset Details section.

RiskSense Field Qualys Field Detail Pane

Assigned by order of precedence according to:

  1. DNS
  3. IP Address
Asset Details Section
Operating System HostOperatingSystem Asset Details Section
DNS DNS Asset Details Section
NetBIOS netbios Asset Details Section
Last Scan Date discovered_date Recent Scans
Tags Asset_group_ids Tags Section