Versions Compared

Old Version 2

changes.mady.by.user Alexander Meledin

Saved on

compared with

New Version 3

changes.mady.by.user Daria Lebedeva

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Cloudaware CMDB and Breeze Agent support Qualys Vulnerability Scanning Service. Integration The integration supports several distinct use cases:

  • Qualys as datasource

  • Qualys Breeze plugin

    • Deployment

    • Floating license management

    • Software asset management

  • Qualys as a vulnerability scanning provider

    • BYOL deployment

    • Cloudaware license

Qualys As Datasource

Cloudaware is a CMDB service that supports AWS, Azure and GCE cloud providers. Cloudaware enhances CMDB inventory data using Qualys API.

...

CMDB users can now build reports using report types such as AWS EC2 Instances With Cloudaware Vulnerabilities, for example.

Key Benefits

  • Measure Scan Coverage: identify unscanned instances or instances that have not been scanned in a long time.

  • Create vulnerability reports that combine data from Qualys, data from cloud provider and other CMDB data, e.g. group critical vulnerabilities, by AWS account owner or application or combine vulnerability data filtered by cloud provider tags.

  • Establish other key KPI such as MTTR and Scan Frequency.

  • Establish complete risk profile by identifying instances with critical vulnerabilities that are also in permissive\/public security groups, subnets, VPCs.

Qualys Breeze Plugin

Cloudaware Breeze is an optional agent that customers can deploy to cloud compute, virtual and onprem on-prem instances. Cloudaware uses Breeze agent data to enhance CMDB data with operating system level, data about installed packages, patches, services, users and performance metrics.

...

  1. Discover and interrogate Qualys agent state and version. Qualys is a supported software in Breezeā€™s software asset management capability. Using Breeze agent data, CMDB users can create software asset inventory reports showing which versions of Qualys are installed. In addition, Breeze catalogs the state of the Qualys agent - whether it is running or not.

  2. Install/Uninstall/Configure Breeze agent. Breeze Agent, when deployed in DevOps mode, can not only interrogate state of pre-existing Qualys agent, but to install and configure as well. If Breeze detects that agent is corrupt or missing: not starting or otherwise malfunctioning, it will perform clean reinstall of the Qualys agent to enforce desired state. Breeze supports deployment of Qualys Agent on all Breeze supported operating systems.

License Management

Breeze agent working in coordination with CMDB will manage Qualys Agent registration and de-registration processes. During registration process CMDB will furnish Breeze Agent with Qualys registration keys based on the attributes of the instance where Breeze is running, such as cloud provider account ID, VPC or application name.

When CMDB notices instances have been terminated or stopped for over 24 hours, it will issue an asset de-registration request directly to Qualys API endpoint. Once server is restarted, Breeze will re-register Qualys agent upon boot.

Vulnerability Scanning Provider

Cloudaware offers vulnerability scanning as a services (VSaaS). When subscribing for VSaaS, Cloudaware will ensure that all infrastructure gets scanned at least once on a weekly basis. Cloudaware VSaaS supports Qualys as vulnerability scanning provider. Breeze agent will automatically deploy and perform at least one scan every 7 days.

When subscribing to VSaaS, customers can bring their own license or leverage licenses provided by Cloudaware.

Permissions and Settings

If Qualys is acting as datasource only, reader Reader role is sufficient. However, if Cloudaware/Breeze is managing the agent deployment along with activation and de-activation, Cloudaware user needs to be given permissions to Install/Uninstall and Activate/Deactivate agents as shown here.

...