Unified VRM Integrations
      Back to home
      1. Knowledge Base
      2. Unified VRM Integrations

      Quickstart for Qualys VM

      This page walks you through setting up Qualys VM for your Unified VRM, and ingesting Qualys VM data inside Unified VRM.

      Before you begin

      To complete this quickstart, including setting up a Qualys VM credential for your Unified VRM, you'll need to have:

      1. Qualys VM subscription
      2. Qualys VM Manager or Unit Manager role
      3. Qualys API access (Qualys support can enable)
      4. Unified VRM Admin privileges

      Create dedicated Qualys account for Unified VRM

      Step 1: Create Qualys VM account for Unified VRM

      The following Qualys documentation shows how to create a user account:

      Add New User (using VM)

      Please use the following values when creating a new user.

      General Information

      • First Name: NopSec
      • Last Name: UVRM
      • Title: UVRM
      • Phone: (646) 502-7900
      • Email: [customer’s email address]
      • Address 1: 20 Jay St #903
      • Country: United States of America
      • Role: Basic

      User Role

      • User Role: Manager
      • Allow access to
        • GUI: checked
        • API: checked
      • Business Unit: Unassigned

      Permissions

      • Manage VM module: checked

      Options

      • None for all
      • Off for all
      • No notification for all

      Security

      • VIP two-factor authentication: not checked

      Step 2: Open welcome email

      Once you've added the user, Qualys will send you a welcome email with login instructions.

      Open the link in the email to reveal UVRM’s Qualys username and password.

      Input credentials into Unified VRM

      Please provide the Unified VRM user account’s username and password in the Integrate tab in the Unified VRM platform.

      1. Enter your Qualys username and password

      2. Enter the the Qualys POD/Region url.

      3. Submit

      After your secure connection has been established, the status will be displayed there in the Integrate tab. You can edit or change your credentials at anytime by clicking the edit link. 

      Settings

      Unified VRM Asset Groups

      The following metadata from Qualys will be converted into Asset Groups within Unified VRM:

      • Tags
      • Asset Groups
      • Business Units

      These asset groups can then be used during search queries.

      Vulnerability Date Information

      Within Unified VRM, there will be several dates in the Remediations tabs. When importing Qualys data, the following criteria is used to populate these date fields.

      • “Age” is calculated from when Qualys first detected the vulnerability
      • “Last Detected” is the last date Qualys detected the vulnerability

      Qualys Connector API Calls

      The following API calls are performed during a connector run to retrieve the Qualys information and import it into Unified VRM.

      • Scans
        /api/2.0/fo/scan/
      • Tags
        /qps/rest/2.0/search/am/tag
      • Hosts
        /api/2.0/fo/asset/host/
      • Detections
        /api/2.0/fo/asset/host/vm/detection/