QualysVM 1.0.2
  • 03 Feb 2023

tags: Python | Vulnerability Scanner | Qualys | Cli


Description

Integration with QualysVM supports CDC users by providing vulnerability data for specified IP addresses. This capability enables CDC users to make informed decisions regarding incident response.

The QualysVM API allows third parties to integrate their own applications with QualysVM cloud security and compliance solutions, using an extensible XML interface. QualysVM tracks the disposition of each vulnerability on each host over time. This helps document actions taken in response to each vulnerability and monitor the effectiveness of remediation efforts.

CyberProof provides CLI commands for user actions such as enriching IP addresses and retrieving vulnerability detection details as a CSV file. These commands return more detail about the known vulnerabilities on a specified IP address.

Integration Type: Threat Intelligence Enrichment
Information read: Vulnerability data from the Qualys Vulnerability Management tool for a given IP address.
API Supported: API V3.0
Input: IP address details in CLI.
Output: Detailed CSV file containing vulnerability data for the IP given as input.

Customer Configuration

No customer configuration


CDC Command Lines

* **get_vulnerability_detection_csv_cli**
Get vulnerability detection CSV.

| Option | Type | Description | Required |
|---|---|---|---|
| key | string | The Redis key to fetch CSV details. | True |

* **enrich_ip_cli**
Provides the capability for tracking the IP vulnerabilities from Qualys, for the specified IP.

| Option | Type | Description | Required |
|---|---|---|---|
| ip | string | IPv4/v6 format. | True |

Workflows

* **post_enrich_ip**
Post enrich-ip in the CDC, by the ID of the incident/message/channel.


Rules

No rules


Sensors

No sensors


Triggers

No triggers


Known Issues

  • The Qualys API is limited to 300 API calls per hour, with a waiting time given as 300 seconds (five minutes).
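
One way to plan a batch of IP lookups within that limit, as an added example (not CyberProof or Qualys code): it validates and de-duplicates addresses in the IPv4/IPv6 form that the `ip` option of `enrich_ip_cli` takes, then schedules calls so that no one-hour window holds more than 300 of them, pausing in 300-second steps. The function names, the one-second spacing between calls and the reading of the limit as a sliding window are assumptions.

```python
import ipaddress
from collections import deque

MAX_CALLS = 300     # calls allowed per window (Known Issues)
WINDOW_SEC = 3600   # one hour
WAIT_SEC = 300      # waiting time once the budget is spent (Known Issues)


def normalize_ips(raw):
    """Validate IPv4/IPv6 strings, drop duplicates, keep input order."""
    seen, valid, rejected = set(), [], []
    for item in raw:
        try:
            ip = str(ipaddress.ip_address(item.strip()))
        except ValueError:
            rejected.append(item)   # never spend an API call on bad input
            continue
        if ip not in seen:          # "2001:0db8::1" and "2001:db8::1" collapse
            seen.add(ip)
            valid.append(ip)
    return valid, rejected


def schedule(ips, start=0.0, spacing=1.0):
    """Return [(send_time, ip)] with at most MAX_CALLS per sliding window."""
    sent = deque()                  # send times still inside the window
    now, plan = start, []

    def expire():
        while sent and now - sent[0] >= WINDOW_SEC:
            sent.popleft()

    for ip in ips:
        expire()
        while len(sent) >= MAX_CALLS:   # budget spent: wait, then re-check
            now += WAIT_SEC
            expire()
        plan.append((now, ip))
        sent.append(now)
        now += spacing                  # assumed pacing between calls
    return plan


if __name__ == "__main__":
    # Constructed sample input: one duplicate and one invalid entry.
    ips, bad = normalize_ips(["192.0.2.10", "192.0.2.10", "2001:db8::1", "not-an-ip"])
    print(schedule(ips), bad)
```
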
