Tenant Overview - Scanner Management
- Jonathan Bellard
Custom Import Frequency Settings for Scanner Integrations
Summary
To address the challenges posed by Qualys' API rate limits currently, we have introduced a feature that allows partners and end clients to customize the frequency of auto-import checks. This feature is designed to optimize API usage and prevent exceeding the restrictive API limits set by Qualys, thereby enhancing integration efficiency.
Currently by default, all connected scanners are polled every 30 mins for new scan imports.
Key Enhancements
Customizable Import Frequencies:
Set custom frequencies for data imports from Qualys at both the tenant and platform instance levels.
This flexibility helps manage API calls more efficiently.
New Scanner Management Page:
A new page in the tenant overview displays all auto-importers set up within the tenants.
Provides a centralized view and management options.
Default and Individual Importer Settings:
Set a default import frequency that applies to all auto-importers within your tenant.
Customize settings for individual importers based on specific needs.
User Stories
Platform Partners Utilizing Qualys: As a platform partner, I want to set a default import frequency for my clients that optimizes API usage, ensuring efficient operations without hitting API rate limits.
End-User Employing Qualys for Vulnerability Data Imports: As an end-user, I need to adjust the polling frequency to once or twice a day to stay within the entry-level API limits.
How to Use
Access the Scanner Management Page:
Navigate to the tenant overview.
Click on the Scanner Management page to view all auto-importers.
Only scanners set up by users with the Staff Role will be visible in this view, displaying exclusively 'Staff' scanners. This ensures the protection of clients who use their own scanners to import vulnerability data not managed by the partner.
Set Default Import Frequency:
Configure the default settings for all auto-importers within your tenant by using the Apply to All button.
Choose from intuitive options such as per two hours, four hours, six hours, twelve hours or twenty four hours, depending on your API plan with Qualys.
Customize Individual Importer Settings:
Adjust settings for individual importers as required.
Ensure specific client needs are met efficiently.
Enhancing Integration Flexibility
This feature significantly enhances the flexibility of our scanner integrations by allowing users to tailor the frequency of imports. By enabling efficient management of API utilization, we help ensure that our clients can maintain optimal operation of their vulnerability management processes without exceeding API limits. This also provides protection for any existing scanning providers that may impose these API restrictions.
Implement these settings today to optimize your scanner integrations and ensure efficient, uninterrupted operations.
Example: How the API Polling Works in Practice
When you create and save a new auto-import scanner for a client’s project and select an API import frequency that differs from the default (30 minutes), the polling mechanism functions as follows:
Initial Poll: The platform will attempt the project’s first import either on the hour or half hour (depending on when the user saved the configuration).
Successful Import: Once the first import succeeds, the next check will be scheduled according to the selected API frequency (e.g., every 2 hours, 6 hours, etc.).
Unsuccessful Import: If the import fails, the platform will continue attempting an import every half hour until a successful import is established. Once successful, the system aligns all subsequent checks to the chosen frequency.
This behavior ensures that a newly created auto-import scanner quickly establishes a baseline of successful operation, after which it follows your custom polling interval to prevent exceeding any restrictive API limits.