
How do I configure a Qualys Integration?

Requirements

  • The API Platform Region for your instance:
    • Qualys supports multiple regions and each client is assigned a different region depending on their contract or license. 
    • You can select one from the list:
  • The API User's Username
  • The API User's Password

Permissions

  • A NopSec user with the permissions of:
    • Integrations.read
    • Integrations.write
  • The Qualys API user must have access to the following:
    • VM
    • Asset Management
    • PCI

 

Steps to configure

  • Create Qualys User with API Access (required) and GUI access (recommended) 
    • Log in to your Qualys region using an Admin account.

    • Follow the steps found here:
    • We recommend the following:
      • Create a user for the NopSec integration with both GUI and API access.
        • This helps us log in to the UI and validate data ourselves.
      • Assign permissions that allow viewing your Assets, your Reports, and your Vulnerabilities.
      • Assign the Asset Groups you would like to sync with NopSec to the User.
  • Open NopSec and click on Integrations
    1. Click on the Vulnerability tab
    2. Find Qualys (there are several options, VM, WAS, PCI)
    3. Click on Add Integration
    4. Give your integration a connection name
    5. Paste the Username
    6. Paste the Password
    7. Select the Platform Region
    8. Click Save and Connect
  • Click on the Sync History tab
    • Refresh every few minutes to see the updated status
    • The first sync is only scheduled to retrieve 24 hours' worth of data
    • Once the task is completed (i.e., its status is FINISHED), you may go to Prioritize and see your results

 

Best Practices

  • You can work with your Customer Success team to determine the type of data ingested from Qualys. By default, NopSec will bring in:
    • All Vuln Instances for the last 24 hours, then for the last 3 months.
    • This includes Information Gathered, items with Severity of None, Low, Medium, High, Critical. You may choose which types we ingest.
    • We ingest all tags associated with the assets ingested.
    • We may also apply other API filters to retrieve specific data or exclude data.
  • You can manage which assets we bring in by assigning the relevant Asset Groups to the user.