How to set up and use the Qualys Asset connector in RiskSense.
Qualys Asset Connector Overview
Qualys is a cloud service that proactively locates and identifies vulnerabilities through automated scanning. RiskSense offers an API-based connector that integrates Qualys vulnerability information into the RiskSense platform for further prioritization and accessibility.
Qualys Asset Configuration
This setup requires an account with Qualys and access to the Asset View.
Qualys Asset User Permissions
A User can be assigned to one or more Roles, which are a consolidation of Permissions that represent the rights to access features and functions. API Access can be given to a User when assigning or editing their Role.
Locate Users in the Navigation Bar and either create or edit an existing user. In the pop-up window, select a User Role. Then select or deselect the API check box.
Note: For more information, please visit Qualys.Community.
Connector Configuration in RiskSense
Setting Up the Qualys Asset Management Connector
Navigate to the Automation > Integrations page.
Using the search bar in the upper-right corner of the Integrations page, type Qualys to find the connector.
Locate the Qualys Asset Inventory card under Asset Management and click Configuration.
In the new window under Connection, complete the required fields, as described below.
- Name: The connector’s name.
- URL: Qualys Asset URL (i.e., https://qualysapi.qg2.apps.qualys.com/)
- User Name: The user name that has access to Qualys.
- Password: The password associated with the username.
- Network: RiskSense network name (ingested applications associated with this network).
Click Test Credentials to verify the credentials are correct and have access to make API calls to the Qualys Asset instance.
Note: If your Qualys Asset instance uses whitelisting, contact RiskSense Support to obtain the whitelisting IPs.
Configure the desired schedule for the connector to retrieve results from the Qualys Asset instance and optionally turn on Enable auto URBA (Update Remediation by Assessment).
Click Save to create the connector. Once saved, the connector is now visible on the Integrations page under Currently Configured Integrations.
On the Settings > Uploads page, Qualys Asset data is parsed from the scan file and displayed on the Hosts page.
Qualys Asset Data Mapping in RiskSense
The Scanner Name associated with these scans is QUALYS, which can be used as a filter in the Hosts view in RiskSense.
Host data extracted from the Qualys Asset scan file is shown on the Hosts page under the Asset Details section.
|RiskSense Field||Qualys Field||Detail Pane|
Assigned by order of precedence according to:
|Asset Details Section|
|Operating System||HostOperatingSystem||Asset Details Section|
|DNS||DNS||Asset Details Section|
|NetBIOS||netbios||Asset Details Section|
|Last Scan Date||discovered_date||Recent Scans|