Introduction

The platform will communicate with the Qualys API to retrieve VM and/or WAS scan results from your Qualys instance/platform.

When integrating the platform with the Qualys API, you must first configure appropriate API credentials and API permissions within your Qualys platform. Whilst the Qualys API configuration is beyond the scope of this article, further information on the Qualys API can be found here

Configuring Qualys VM and/or WAS Integration

Choose the appropriate Connected Accounts entry:

Open

Open

All fields below are mandatory:

• Name - a meaningful name/ID of your Qualys instance within your platform tenant.

• Type - this field is pre-defined and cannot be changed

• Username - the username of the API-enabled user from your Qualys instance

• Password - the password of the API-enabled user from your Qualys instance

• Region - the region in which you Qualys instance is hosted.

• Scanner Frequency - this defines how often the Platform should check with the Qualys API for new scan data. Default is every 30 minutes

Select Create Scanner once all information has been populated.

Open

Open

For valid configurations the platform will display a green banner and return to the previous Qualys Scanner window.

Should the platform return a red banner during the configuration checks, this indicates an error with communicating/validating the API configuration. Please check your username, password and region details are correct and then select Create Scanner again.

Importing Scan Results from Qualys VM and/or WAS

Once an integration has been setup, the instances will be available to import scan results from. Scan results can be imported manually via a Phase, where the Platform will make an ad-hoc API call to Qualys to retrieve available scans: Alternatively, a Project can be created that can be configured to automatically import scan results from Qualys.