Qualys

Qualys Vulnerability Management let's you create, run, fetch and manage reports, launch and manage vulnerability and compliance scans, and manage the host assets you want to scan for vulnerabilities and compliance

If you have a network with many assets, Qualys can detect vulnerabilities and policy compliance.

What does this content pack do?

Run scans for vulnerabilities and policy compliance.
Create reports about the scans.
Manage the hosts and assets on your network.

There are several playbooks in this pack. Each playbook launches a report or scan and fetches it when it is ready.

Authentication

Qualys Vulnerability Management uses basic authentication. You'll need your Qualys login credentials to use this integration.
Qualys user accounts that have been enabled with VIP two-factor authentication can be used with the Qualys API, however two-factor authentication will not be used when making API requests. Two-factor authentication is only supported when logging into the Qualys GUI.

PUBLISHER

Cortex XSOAR

INFO

Certification	Certified	Read more
Supported By	Cortex XSOAR
Created	June 30, 2020
Last Release	May 18, 2022

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.

Playbooks

Name	Description
Launch And Fetch Remediation Report - Qualys	Launches a remediation report and fetches the report when it's ready.
Launch And Fetch Host Based Findings Report - Qualys	Launches a host based report and fetches the report when it's ready.
Launch And Fetch Compliance Policy Report - Qualys	Launches a compliance policy report and then fetches the report when it's ready.
Launch And Fetch Patch Report - Qualys	Launches a patch report and fetches the report when it's ready.
Launch And Fetch VM Scan - Qualys	Launches a scan and fetches the scan when it's ready.
Vulnerability Management - Qualys (Job) - V2	Use the latest Qualys report to manage vulnerabilities. This playbook runs as a job, and by default creates incidents of type "Vulnerability" based on assets and vulnerabilities. The incidents are created from the latest version of the report determined by the report timestamp. You can define the minimum severity (minSeverity) that incidents are created for. Duplicate incidents are not created for the same asset ID and QID. This playbook is a part of a series of playbooks for Qualys vulnerability management and remediation. For this series of playbooks to run successfully, create a Job and do the following: Assign this playbook to the Job Enter the Qualys XML report name into the "Details" field Associate the "Vulnerability" type incident to the "Vulnerability Handling - Qualys" playbook.
Vulnerability Management - Qualys (Job)	Use the latest Qualys report to manage vulnerabilities. This playbook runs as a job, and by default creates incidents of type "Vulnerability" based on assets and vulnerabilities. The incidents are created from the latest version of the report determined by the report timestamp. You can define the minimum severity (minSeverity) that incidents are created for. Duplicate incidents are not created for the same asset ID and QID. This playbook is a part of a series of playbooks for Qualys vulnerability management and remediation. For this series of playbooks to run successfully, create a Job and do the following: Assign this playbook to the Job Enter the Qualys XML report name into the "Details" field Associate the "Vulnerability" type incident to the "Vulnerability Handling - Qualys" playbook.
Launch And Fetch Compliance Report - Qualys	Launches a compliance report and fetches the report when it's ready.
Launch And Fetch PC Scan - Qualys	Launches a PC scan and fetches the scan when it's ready.
Launch And Fetch Scheduled Report - Qualys	Launches a scheduled report and fetches the report when it's ready.
Launch And Fetch Scan Based Findings Report - Qualys	Launches a scan based report and fetcesh the report when it's ready.
Launch And Fetch Map Report - Qualys	Launches a map scan report and fetches the report when it's ready.

Automations

Name	Description
QualysCreateIncidentFromReport	Create incidents from a Qualys report (XML), based on the Qualys asset ID and vulnerability ID (QID). Duplicate incidents are not created for the same asset ID and QID.

Integrations

Name	Description
Qualys v2	Qualys Vulnerability Management lets you create, run, fetch and manage reports, launch and manage vulnerability and compliance scans, and manage the host assets you want to scan for vulnerabilities and compliance.
Qualys (Deprecated)	Deprecated. Use Qualys v2 instead.

Required Content Packs (7)

Pack Name	Pack By
Base	By: Cortex XSOAR
CommonScripts	By: Cortex XSOAR
CommonPlaybooks	By: Cortex XSOAR
DemistoRESTAPI	By: Cortex XSOAR
rasterize	By: Cortex XSOAR
FiltersAndTransformers	By: Cortex XSOAR
CommonTypes	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

1.0.19 - 2941201 (May 18, 2022)

Scripts

QualysCreateIncidentFromReport

Fixed an issue where XML reports were not parsed properly to create an incident.

What does this content pack do?

Authentication

PUBLISHER

INFO

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Scripts

QualysCreateIncidentFromReport

Integrations

Qualys v2

Integrations

Qualys v2

Playbooks

Vulnerability Management - Qualys (Job) - V2

Integrations

Qualys v2

Integrations

Qualys v2

Scripts

QualysCreateIncidentFromReport

Playbooks

Vulnerability Management - Qualys (Job) - V2

Playbooks

Vulnerability Management - Qualys (Job) - V2

Integrations

Qualys v2

Integrations

Qualys v2

Scripts

QualysCreateIncidentFromReport

Integrations

Qualys v2

Playbooks

Vulnerability Management - Qualys (Job) - V2

Launch And Fetch PC Scan - Qualys

Launch And Fetch Map Report - Qualys

Launch And Fetch Compliance Policy Report - Qualys

Launch And Fetch VM Scan - Qualys

Launch And Fetch Scheduled Report - Qualys

Launch And Fetch Patch Report - Qualys

Launch And Fetch Compliance Report - Qualys

Launch And Fetch Host Based Findings Report - Qualys

Launch And Fetch Scan Based Findings Report - Qualys

Launch And Fetch Remediation Report - Qualys

Integrations

Qualys (Deprecated)

Scripts

QualysCreateIncidentFromReport

Integrations

Qualys

New: Qualys v2

Playbooks

New: Launch And Fetch Remediation Report - Qualys

New: Launch And Fetch Host Based Findings Report - Qualys

New: Launch And Fetch VM Scan - Qualys

New: Launch And Fetch Scheduled Report - Qualys

New: Launch And Fetch Compliance Policy Report - Qualys

New: Launch And Fetch Map Report - Qualys

New: Launch And Fetch Scan Based Findings Report - Qualys

New: Launch And Fetch PC Scan - Qualys

New: Launch And Fetch Patch Report - Qualys

New: Launch And Fetch Compliance Report - Qualys

New: Vulnerability Management - Qualys (Job) - V2

Integrations

Qualys

Integrations

Qualys

Scripts

QualysCreateIncidentFromReport