Integrate IoT Security with Qualys

IoT Security can integrate with Qualys Vulnerability Management (VM) products to perform vulnerability scans. When you initiate a vulnerability scan of a particular IoT device from the IoT Security portal, the command is securely sent from the IoT Security through Cortex XSOAR to the Qualys Cloud API over HTTPS. The Qualys Cloud forwards the command to the specified scanner, which performs its scan and sends back the results. Qualys creates a report with the data it received, generates a PDF, and sends it back through Cortex XSOAR to IoT Security. IoT Security updates the vulnerability information and risk score for the scanned device and displays a link to the report on its Device Details page and on the ReportsVulnerability Scan Reports page.

Qualys vulnerability scans complement the passive monitoring that IoT Security performs on network traffic by uncovering vulnerabilities on scanned devices. IoT Security incorporates the scan results such as CVEs into its ongoing risk score assessments.

Integrating with Qualys requires either a full-featured Cortex XSOAR server or the purchase and activation of an IoT Security third-party integration add-on license, which comes with a free cohosted Cortex XSOAR instance. The basic plan includes a license for three integration add-ons, one of which can be used for Qualys. The advanced plan includes a license for all supported third-party integrations.