Set up QualysGuard Express for Integration
Table of Contents
Expand all | Collapse all
-
- Integrate IoT Security with AIMS
- Set up AIMS for Integration
- Set up IoT Security and XSOAR for AIMS Integration
- Send Work Orders to AIMS
- Integrate IoT Security with Microsoft SCCM
- Set up Microsoft SCCM for Integration
- Set up IoT Security and XSOAR for SCCM Integration
- Integrate IoT Security with Nuvolo
- Set up Nuvolo for Integration
- Set up IoT Security and XSOAR for Nuvolo Integration
- Send Security Alerts to Nuvolo
- Send Vulnerabilities to Nuvolo
- Integrate IoT Security with ServiceNow
- Set up ServiceNow for Integration
- Set up IoT Security and XSOAR for ServiceNow Integration
- Send Security Alerts to ServiceNow
- Send Vulnerabilities to ServiceNow
-
- Integrate IoT Security with Cortex XDR
- Set up Cortex XDR for Integration
- Set up IoT Security and XSOAR for XDR Integration
- Integrate IoT Security with CrowdStrike
- Set up CrowdStrike for Integration
- Set up IoT Security and XSOAR for CrowdStrike Integration
- Integrate IoT Security with Microsoft Defender XDR
- Set up Microsoft Defender XDR for Integration
- Set up IoT Security and Cortex XSOAR for Microsoft Defender XDR Integration
- Integrate IoT Security with Tanium
- Set up Tanium for Integration
- Set up IoT Security and XSOAR for Tanium Integration
-
- Integrate IoT Security with Aruba AirWave
- Set up Aruba AirWave for Integration
- Set up IoT Security and Cortex XSOAR for Aruba AirWave Integration
- View Device Location Information
- Integrate IoT Security with Aruba Central
- Set up Aruba Central for Integration
- Set up IoT Security and XSOAR for Aruba Central Integration
- Integrate IoT Security with Cisco DNA Center
- Set up Cisco DNA Center to Connect with XSOAR Engines
- Set up IoT Security and XSOAR for DNA Center Integration
- Integrate IoT Security with Cisco Meraki Cloud
- Set up Cisco Meraki Cloud for Integration
- Set up IoT Security and XSOAR for Cisco Meraki Cloud
- Integrate IoT Security with Cisco Prime
- Set up Cisco Prime to Accept Connections from IoT Security
- Set up IoT Security and XSOAR for Cisco Prime Integration
- Integrate IoT Security with Network Switches for SNMP Discovery
- Set up IoT Security and Cortex XSOAR for SNMP Discovery
- Integrate IoT Security with Switches for Network Discovery
- Set up IoT Security and Cortex XSOAR for Network Discovery
-
- Integrate IoT Security with Aruba WLAN Controllers
- Set up Aruba WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Aruba WLAN Controllers
- Integrate IoT Security with Cisco WLAN Controllers
- Set up Cisco WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Cisco WLAN Controllers
-
- Integrate IoT Security with Aruba ClearPass
- Set up Aruba ClearPass for Integration
- Set up IoT Security and XSOAR for ClearPass Integration
- Put a Device in Quarantine Using Aruba ClearPass
- Release a Device from Quarantine Using Aruba ClearPass
- Integrate IoT Security with Cisco ISE
- Set up Cisco ISE to Identify IoT Devices
- Set up Cisco ISE to Identify and Quarantine IoT Devices
- Configure ISE Servers as an HA Pair
- Set up IoT Security and XSOAR for Cisco ISE Integration
- Put a Device in Quarantine Using Cisco ISE
- Release a Device from Quarantine Using Cisco ISE
- Apply Access Control Lists through Cisco ISE
- Integrate IoT Security with Cisco ISE pxGrid
- Set up Integration with Cisco ISE pxGrid
- Put a Device in Quarantine Using Cisco ISE pxGrid
- Release a Device from Quarantine Using Cisco ISE pxGrid
- Integrate IoT Security with Forescout
- Set up Forescout for Integration
- Set up IoT Security and XSOAR for Forescout Integration
- Put a Device in Quarantine Using Forescout
- Release a Device from Quarantine Using Forescout
-
- Integrate IoT Security with Qualys
- Set up QualysGuard Express for Integration
- Set up IoT Security and XSOAR for Qualys Integration
- Perform a Vulnerability Scan Using Qualys
- Get Vulnerability Scan Reports from Qualys
- Integrate IoT Security with Rapid7
- Set up Rapid7 InsightVM for Integration
- Set up IoT Security and XSOAR for Rapid7 Integration
- Perform a Vulnerability Scan Using Rapid7
- Get Vulnerability Scan Reports from Rapid7
- Integrate IoT Security with Tenable
- Set up Tenable for Integration
- Set up IoT Security and XSOAR for Tenable Integration
- Perform a Vulnerability Scan Using Tenable
- Get Vulnerability Scan Reports from Tenable
Set up QualysGuard Express for Integration
Set up Qualys for integration with IoT Security through
Cortex XSOAR.
It’s assumed that you’ve already set up one
or more Qualys scanners and defined the assets you want to scan.
If you want to add more assets, such as IoT devices that were not
included in a previously defined inventory, do that in the Assets
section by clicking Add IPs for Scanning.
To
set up your Qualys VM instance to integrate with IoT Security through
Cortex XSOAR, you must create a user account that allows XSOAR to
access the Qualys API, and (optionally) add a custom options profile.
Both tasks are explained in this section.
These instructions
explain how to integrate IoT Security and Cortex XSOAR with QualysGuard
Express v10.9.0.0-2. However, you can integrate IoT Security and
XSOAR with any Qualys product that has vulnerability management.
User Account with API Access
- Ask your Qualys representative to enable the API for your account.Copy the Qualys URL.The URL you need to use is listed under Security Operations Center (SOC); for example, https://qualysguard.qg3.apps.qualys.com. Depending on your geographic region, this might be different. Copy the URL and save it for configuring the Qualys instance in the Cortex XSOAR UI.Create a Qualys user account for XSOAR to use when connecting to Qualys.
- Enter the Vulnerability Management section and then click UsersManage User AccountsNewUser.
- Create a Qualys user account by filling the required fields on the General Information tab.
- Click User Role, choose Manager, and select API.
- Click Permissions, select Manage VM module, and then Save.Qualys sends a welcome email to the user’s email address with a username and one-time link to obtain a password.
- After you create the new user account, check that it has enough storage space (200 MB) for generating vulnerability scan reports.To check, click ReportsSetupReport Share. If the user limit range is less than 200 MB, enter 200 (or higher) in the Up to ___ MB per user. field and then Save.
- When you receive the email from Qualys and follow the link to set a new password, note the username in the email and the new password that you set.If you edit a user account and change the email address, Qualys won’t send another welcome email to the second address. To change the email address for an account and have Qualys send a welcome email to the new address, delete the first account and then create a new account with the second address.
Options Profile (Optional)
An options profile defines the type of vulnerability scan for the Qualys VM scanner to run. You can use the default profile or optionally create a new one.- Click ScansOption ProfilesNewOption Profile, enter the following, and then Save.Option Profile Title: Enter a title for the profile. (Note this name because you will enter it later in the IoT Security portal when defining the type of scan to run on a particular device.)Scan: Define the parameters of the vulnerability scan.Map: Set information gathering preferences.Additional: Enter additional settings for the scan such as which TCP and UDP ports to check to ensure a device is responsive before attempting a full scan.Repeat the previous step to create multiple option profiles.