Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Qualys is a cloud-based solution that detects vulnerabilities on all networked assets, including servers, network devices (e.g. routers, switches, firewalls, etc.), peripherals (such as IP-based printers or fax machines) and workstations.

logo rgb_sign dark (3).pngImage Removed Qualys - CA_logo_black.pngImage Added To see how Cloudaware seamlessly integrates with Qualys in action, request a demo.

...

Cloudaware CMDB and Breeze agent support Qualys Vulnerability Scanning Service. The integration supports several distinct use cases:

  • Qualys as datasourcea data source

  • Qualys Breeze plugin

  • Qualys as a vulnerability scanning provider

Qualys

...

as a data source

Cloudaware CMDB supports AWS, Azure, and Google Cloud. Cloudaware enhances CMDB inventory data using Qualys API.

...

Here is a complete list of fields that Cloudaware either extracts from Qualys or calculates based on the extracted data:

  • Last Scan Date

  • Last Scan Result

  • Critical Vulnerabilities Count

  • High Vulnerabilities Count

  • Medium Vulnerabilities Count

  • Low Vulnerabilities Count

Cloudaware enhances the following CMDB object types with data from Qualys:

...

In addition, complete vulnerability scan results for every asset are also downloaded into CMDB. Vulnerabilities contain all standard fields from Qualys, such as CVSS Base Score, Risk, Remediation Instructions, Impact, etc.

Key

...

benefits

  • Measure Scan Coverage: identify unscanned instances or instances that have not been scanned in a long time.

  • Create vulnerability reports that combine data from Qualys, data from cloud providers and other CMDB data, e.g. group critical vulnerabilities by AWS account owner or application, or combine vulnerability data filtered by cloud provider tags.

  • Establish other key KPIs, such as MTTR and Scan Frequency.

  • Establish a complete risk profile by identifying instances with critical vulnerabilities that are also in permissive/public security groups, subnets, VPCs.

Qualys Breeze

...

plugin

Cloudaware Breeze is an optional agent that customers can optionally deploy to cloud compute, virtual, and on-prem instances. Cloudaware uses Breeze agent data to enhance CMDB data with operating system level, OS-level information and data about installed packages, patches, services, users, and performance metrics.

The Breeze Agent agent has several capabilities in regards to Qualys:

1. Discover and interrogate the Qualys

...

Agent state and version.
Qualys is a supported software in Breeze’s software asset management capability.

...

CMDB users can use Breeze agent data

...

to create software asset inventory reports showing which versions of Qualys are installed. In addition, Breeze catalogs the state of the Qualys

...

Agent - whether it is running or not.

2. Install/

...

uninstall or configure the Qualys Agent.
When deployed in DevOps mode, the Breeze agent can not only interrogate the state of the pre-existing Qualys

...

Agent but

...

install and configure it as well. If Breeze detects that the agent is corrupt or missing

...

, not starting or otherwise malfunctioning, it will perform clean reinstall of the Qualys

...

Agent to enforce the desired state. Breeze supports deployment of Qualys

...

agents on all Breeze-supported operating systems.

License

...

management

The Breeze agent working in coordination will coordinate with CMDB will to manage the Qualys Agent registration and de-registration processes. During the registration process, CMDB will furnish Breeze Agent with Qualys registration keys based on the attributes of the instance where Breeze is running, such as cloud provider account ID, VPC, or application name.

When CMDB notices instances that have been terminated or stopped for over 24 hours, it will issue an asset de-registration request directly to Qualys API endpoint. Once the server is restarted, Breeze will re-register the Qualys agent Agent upon boot.

Vulnerability

...

scanning provider

Cloudaware offers vulnerability scanning as a service (VSaaS). When subscribing for VSaaS, Cloudaware will ensure that all infrastructure gets scanned at least once on a weekly basisweek. Cloudaware VSaaS supports Qualys as a vulnerability scanning provider. Breeze agent will automatically deploy and perform at least one scan every 7 days.

When subscribing to VSaaS, customers can bring their own license licenses or leverage licenses provided by Cloudaware.

Permissions and

...

settings

If Qualys is acting as datasource a data source only, Reader reader role is sufficient for Cloudaware (see User Roles Comparison).

However, if Cloudaware/Breeze is managing the agent deployment along with activation and de-activation, Cloudaware user needs to be given permissions to Installinstall/Uninstall uninstall and Activateactivate/Deactivate deactivate agents as shown described here.

...

Setup in Cloudaware

...

...

  1. Log in to

...

  1. Cloudaware account → Admin.

    Qualys - setup in Cloudaware - admin.pngImage Added

...

  1. Find Qualys in

...

  1. Security integrations. Click +Add.

...

  1. Qualys - setup in Cloudaware - admin - add Qualys integration.pngImage Added

...

  1. Fill out the form:

...


  1. Qualys - setup in Cloudaware - Qualys integration details.pngImage Added

    WHERE

    Name - insert a meaningful Qualys integration name
    API URL - insert a valid URL containing the platform identifier
    Username - insert a username
    Password - insert a password

    Click Save.

  2. The green light in 'Status' means that Qualys integration has been successfully added. If there is a red light, please contact support@cloudaware.com.

...

  1. Qualys - setup in Cloudaware - integration status.pngImage Added