Auto Importing Qualys VM Technical Reports

This article describes how to configure the platform to automatically retrieve and import Technical Reports from Qualys VM.

Introduction

The Platform’s API support for Qualys VM allows scan results to be retrieved on a ‘per-scan’ basis, or ‘per Technical Report’ basis.

When Technical Reports have been created in Qualys VM, the platform can use the Qualys API to enumerate these Technical Reports and retrieve the report’s underlying XML data.

Technical Reports in Qualys VM must be in XML format and must be either “scan-based” or “host-based” Technical Reports.

Requirements for Technical Reports in Qualys VM

Please refer to the following article that describes the types of Technical Reports that the platform supports:

https://rootshellsecurity.atlassian.net/wiki/spaces/PK/pages/1420722182

Configuring Auto Import in Prism

During the creation of a new Project, the “Auto Import” feature must be enabled in the project’s settings. Enabling this feature presents the “Auto Importer” section where auto imports can be defined:

Technical Reports in Qualys must be identified to the platform by their Report Title. This is necessary so that the platform can periodically connect to the Qualys API, enumerate Technical Reports and retrieve the relevant report with a partially or fully matching name:

In Qualys VM Reports, note the Report Title of the report that is to be imported into Prism:

In Prism, an Auto Import rule must be defined where the “Scan Identifier” field contains a value that partially/fully matches the Report Title from Qualys VM:

WARNING: If multiple reports exist in Qualys VM, use a suitable Report Title naming scheme that ensures only the intended Qualys VM report is identified and retrieved by Prism. If the “Scan Identifier” value in the platform matches more than one Qualys VM report, this will prevent the platform from importing the correct results. In the example below, the full Report Title in Qualys VM has been used.

When all necessary fields have been populated in the “Manage Project Scanner” window, click Submit to commit the auto import settings to the project.

Please ensure you then click “Save” in the project’s settings to commit the settings to the platform properly:

Once saved, the platform will now periodically query the Qualys VM API and identify when new Technical Reports that match the given criteria are available.

Existing Technical Reports in Qualys VM that were generated beforehand will NOT be imported. The platform will only look for new Technical Reports after the project’s Auto-Import settings have been defined and the project has been saved.
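
A pre-flight check for a proposed “Scan Identifier” value, covering the WARNING about ambiguous Report Titles and the rule that only reports generated after the project was saved are imported. This is an added example, not Prism's or Qualys's own code. It assumes the match is a case-insensitive substring comparison on the Report Title; the sample XML is constructed, its element names are modelled on a Qualys report list, and `check_identifier` and its status strings are hypothetical.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed sample modelled on a Qualys report-list response.
# Element names and all values are assumptions for illustration.
SAMPLE_REPORT_LIST = """<REPORT_LIST_OUTPUT><RESPONSE><REPORT_LIST>
<REPORT><ID>1001</ID><TITLE>ACME External Monthly</TITLE><OUTPUT_FORMAT>XML</OUTPUT_FORMAT><LAUNCH_DATETIME>2024-03-01T02:00:00Z</LAUNCH_DATETIME></REPORT>
<REPORT><ID>1002</ID><TITLE>ACME External Monthly</TITLE><OUTPUT_FORMAT>XML</OUTPUT_FORMAT><LAUNCH_DATETIME>2024-04-01T02:00:00Z</LAUNCH_DATETIME></REPORT>
<REPORT><ID>1003</ID><TITLE>ACME External Monthly (PCI)</TITLE><OUTPUT_FORMAT>XML</OUTPUT_FORMAT><LAUNCH_DATETIME>2024-04-02T02:00:00Z</LAUNCH_DATETIME></REPORT>
<REPORT><ID>1004</ID><TITLE>ACME Internal Weekly</TITLE><OUTPUT_FORMAT>PDF</OUTPUT_FORMAT><LAUNCH_DATETIME>2024-04-03T02:00:00Z</LAUNCH_DATETIME></REPORT>
</REPORT_LIST></RESPONSE></REPORT_LIST_OUTPUT>"""

def _utc(stamp):
    """Parse a 'YYYY-MM-DDTHH:MM:SSZ' timestamp as an aware UTC datetime."""
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def parse_reports(xml_text):
    """Flatten each <REPORT> element into a dict."""
    return [{"id": r.findtext("ID"),
             "title": (r.findtext("TITLE") or "").strip(),
             "format": (r.findtext("OUTPUT_FORMAT") or "").upper(),
             "launched": _utc(r.findtext("LAUNCH_DATETIME"))}
            for r in ET.fromstring(xml_text).iter("REPORT")]

def check_identifier(reports, scan_identifier, rule_saved_at):
    """Return (status, detail) for a proposed Scan Identifier value."""
    needle = scan_identifier.strip().lower()
    hits = [r for r in reports if needle and needle in r["title"].lower()]
    titles = sorted({r["title"] for r in hits})
    if not titles:
        return "no-match", []
    if len(titles) > 1:
        # The case the WARNING describes: one identifier, several Report Titles.
        return "ambiguous", titles
    # Only XML reports launched after the project was saved are candidates.
    saved = _utc(rule_saved_at)
    eligible = [r["id"] for r in hits if r["format"] == "XML" and r["launched"] > saved]
    return ("ok", eligible) if eligible else ("nothing-to-import", [])

if __name__ == "__main__":
    reports = parse_reports(SAMPLE_REPORT_LIST)
    for ident in ("ACME External Monthly", "ACME External Monthly (PCI)", "ACME Internal"):
        print(ident, "->", check_identifier(reports, ident, "2024-03-15T00:00:00Z"))
```

Under the substring assumption, even a full Report Title is ambiguous when it is a prefix of another title, which is why the first sample identifier is flagged.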