Integrating Qualys vulnerability scan data with Chariot allows organizations to enhance their security operations by centralizing critical vulnerability insights within a single, continuous offensive security platform. Qualys provides robust scanning capabilities, identifying vulnerabilities across assets-- when integrated with Chariot, it enables Praetorian engineers to distill Qualys findings down the vulnerabilities that attackers are most likely to use to compromise your environment.

Below, you will find the instructions on how to set up the Qualys API integration in Chariot.

From the Attack Surface page, click the + New Attack Surface button.

From the available integration tiles, select Qualys.

     Note: Qualys Import is used to import results from a Qualys scan in .csv. The Qualys integration will continuously pull Qualys data via API.

In the attack surface setup dashboard, find Qualys, and click Setup.

This will bring up the Qualys Setup dialogue.

Within the dialogue, you will see the information necessary to complete the integration. While it's possible to populate this with an existing user account, it is recommended to create a user for Chariot. The below steps will describe how to create a user with the appropriate permissions.

Someone with Admin privileges in your Qualys account will log in and go to the Users page.

On the Users page click on New, and then User...:

For the new user, under General Information, you can input data into the required fields as is most appropriate for your organization.

     Note: Chariot will not be affected by this information, but you can add "Chariot" as first name, "Integration" as last name, "Security" as a title, and the admin's phone number and email address.

No action is needed under the Locale tab.

On the User Role tab, select the Reader user role, and click the box for API access.

All other settings can be left as default.

Click Save.

On clicking save, Qualys will send an email to the account used in the General Information tab.

Click Activate Your Account in the email and enter the one time password sent with the email.

 

When you enter the one time password, your account will be activated and you will be immediately redirected to a page that presents the URL, username, and password for the newly created user. 

Copy each of these values and input them into Chariot's Qualys Setup box.

Click Finish. Your Qualys API integration is all set!

 

We hope these instructions were helpful! If you find a topic that you would like discussed in detail, or need further assistance, please let us know at support@praetorian.com!