This page walks you through setting up Qualys VM for your Unified VRM, and ingesting Qualys VM data inside Unified VRM.
Before you begin
To complete this quickstart, including setting up a Qualys VM credential for your Unified VRM, you'll need to have:
- Qualys VM subscription
- Qualys VM Manager or Unit Manager role
- Qualys API access (Qualys support can enable)
- Unified VRM Admin privileges
Create dedicated Qualys account for Unified VRM
Step 1: Create Qualys VM account for Unified VRM
The following Qualys documentation shows how to create a user account:
Please use the following values when creating a new user.
General Information
- First Name: NopSec
- Last Name: UVRM
- Title: UVRM
- Phone: (646) 502-7900
- Email: [customer’s email address]
- Address 1: 20 Jay St #903
- Country: United States of America
- Role: Basic
User Role
- User Role: Manager
- Allow access to
- GUI: checked
- API: checked
- Business Unit: Unassigned
Permissions
- Manage VM module: checked
Options
- None for all
- Off for all
- No notification for all
Security
- VIP two-factor authentication: not checked
Step 2: Open welcome email
Once you've added the user, Qualys will send you a welcome email with login instructions.
Open the link in the email to reveal UVRM’s Qualys username and password.
Input credentials into Unified VRM
Please provide the Unified VRM user account’s username and password in the Integrate tab in the Unified VRM platform.
-
Enter your Qualys username and password
-
Enter the the Qualys POD/Region url.
-
Submit
After your secure connection has been established, the status will be displayed there in the Integrate tab. You can edit or change your credentials at anytime by clicking the edit link.
Settings
Unified VRM Asset Groups
The following metadata from Qualys will be converted into Asset Groups within Unified VRM:
- Tags
- Asset Groups
- Business Units
These asset groups can then be used during search queries.
Vulnerability Date Information
Within Unified VRM, there will be several dates in the Remediations tabs. When importing Qualys data, the following criteria is used to populate these date fields.
- “Age” is calculated from when Qualys first detected the vulnerability
- “Last Detected” is the last date Qualys detected the vulnerability
Qualys Connector API Calls
The following API calls are performed during a connector run to retrieve the Qualys information and import it into Unified VRM.
- Scans
/api/2.0/fo/scan/ - Tags
/qps/rest/2.0/search/am/tag - Hosts
/api/2.0/fo/asset/host/ - Detections
/api/2.0/fo/asset/host/vm/detection/