Qualys Integrations
Unlock the full potential of the Enterprise TruRisk Platform with seamless native integrations. Elevate your risk management with Qualys connectors to bridge the gap between IT and Security and fine-tune TruRisk Scoring.
All risk factors from your environment, consolidated into one platform.
No Code Required.
Connect to the Enterprise TruRisk Platform
QUALYS APPLICATIONS:
CATEGORIES:
PLATFORM:
Qualys Web App Scanning Connector for Azure DevOps
Type
CI/CD
The Azure DevOps extension helps integrate the Azure Pipelines CI/CD tool with the Qualys Web Application Scanning (WAS) Module. This extension will empower DevOps teams to build application vulnerability scans into their existing Azure pipeline tasks. By integrating scans in this manner, application security testing is accomplished earlier in the SDLC to catch and eliminate security flaws. The extension can be configured to fail or pass the builds based on the vulnerabilities detected. The extension will also generate a report for the scan in the build. The current version of the extension will only support the cloud-based Azure DevOps Setup.
Read moreQualys Applications supported
WAS
Qualys VM for IBM QRadar
Type
SIEM
If you have a Qualys subscription and API access, you can use the Qualys VM app to ingest your Qualys VM detections into QRadar and visualize them on a single page. Install the app, configure, and schedule the sync. The Qualys App will continue pulling your detection delta, so you will always see updated reports.Want to visualize historical data? Just use date-time pickers given in the Qualys App and see useful reports.
Read moreQualys Applications supported
VM
Qualys CMDB Sync
Type
Inventory
The Qualys CMDB Sync App for Configuration Management Database (CMDB) automatically synchronizes comprehensive information about your global IT resources that Qualys Asset Inventory continuously monitors. This leverages Qualys’ highly distributed and scalable cloud platform and various data collection tools including Qualys’ groundbreaking Cloud Agents, to compile and continually update a full inventory of your IT assets everywhere- on-premises, in elastic clouds, and mobile endpoints.
Read moreQualys Applications supported
CSAM
Qualys IaC Security for Atlassian Bitbucket
Type
CI/CD
Qualys IaC Bitbucket pipeline script scans the Infrastructure-as-Code templates from your Bitbucket repository using Qualys CloudView (Cloud Security Assessment). It checks for security issues using the Qualys Cloud Infrastructure as Code scans and displays the failed checks as pipeline annotations.
Read moreQualys Applications supported
TC/IaC Security
Qualys Container Scanning Connector for Azure DevOps
Type
CI/CD
The Azure DevOps extension helps integrate the Azure Pipelines CI/CD tool with the Qualys Container Security (CS) Module. Currently, this extension, along with the CS Sensor, helps to get the security posture for the OCI-compliant container images built via the tool. The extension can be configured to fail or pass the container image builds based on the vulnerabilities detected. The extension will also generate a report for the container image in the build.
Read moreQualys Applications supported
CS
Qualys CMDB sync Service Graph Connector
Type
Inventory
The Qualys CMDB Sync Service Graph Connector for Configuration Management Database (CMDB) automatically synchronizes comprehensive information about your global IT resources that Qualys Asset Inventory continuously monitors. This leverages Qualys’ highly distributed and scalable cloud platform, and various data collection tools, including Qualys’ groundbreaking Cloud Agents to compile and continually update a full inventory of your IT assets everywhere - on-premises, in elastic clouds, and mobile endpoints.
Read moreQualys Applications supported
CSAM
Qualys Web App Scanning Connector for Jenkins
Type
CI/CD
The Qualys Web App Scanning Connector empowers DevOps teams to build application vulnerability scans into their existing CI/CD processes. By integrating scans in this manner, application security testing is accomplished earlier in the SDLC to catch and eliminate security flaws.
Read moreQualys Applications supported
WAS
Qualys FIM for IBM QRadar
Type
SIEM
Suppose you have a Qualys subscription and API access. In that case, you can use the Qualys App for QRadar to ingest your Qualys FIM Events, Ignored Events, and Incidents into QRadar and visualize them on a single page.All you need to do is install the app, configure the app, and schedule the sync. The Qualys FIM App will continuously pull your event delta. Want to visualize historical data? Use date-time pickers in the QRadar's Activity log or application Dashboard to check the useful information.
Read moreQualys Applications supported
FIM
Vulnerability Response Integration with Qualys WAS
Type
Ticketing
With Vulnerability Response Integration with Qualys WAS, Qualys leverages the WAS APIs to integrate with ServiceNow. Use this integration to get a single glass pane view of all your web application scans in ServiceNow that helps you prioritize and remediate application vulnerabilities
Read moreQualys Applications supported
WAS
Qualys Core App
Type
Ticketing
With Vulnerability Response Integration with Qualys WAS, Qualys leverages the WAS APIs to integrate with ServiceNow. Use this integration to get a single glass pane view of all your web application scans in ServiceNow that helps you prioritize and remediate application vulnerabilities
Read moreQualys Applications supported
VM
FIM
PC
Qualys Container Scanning Connector for Jenkins
Type
CI/CD
The Qualys Container Scanning Connector for Jenkins empowers DevOps to assess container images in their existing CI/CD processes with the help of Qualys Container Security(CS) module. Integrating this assessment step will help you catch and eliminate container images related flaws. This plugin supports pipeline as well as freestyle projects.
Read moreQualys Applications supported
CS
Qualys VMDR for ITSM
Type
ITSM
Qualys VMDR helps organizations to automate the process of vulnerability management. It provides the ability to create ServiceNow tasks based on vulnerability findings from Qualys VMDR, assign tasks to appropriate assignment groups, and automatically close the tasks once the vulnerabilities are remediated.
Read moreQualys Applications supported
VM
Qualys IaC Security for Azure DevOps
Type
CI/CD
The Qualys IaC Security empowers DevOps teams to build Infrastructure as Code (IaC) scans into their existing CI/CD processes. By integrating scans in this manner, infrastructure-as-code security is accomplished earlier in the SDLC to catch and eliminate misconfigurations in your cloud. The extension can be configured to fail or pass the builds based on the misconfigurations detected.
Read moreQualys Applications supported
TC/IaC Security
Qualys Host Scanning Connector for Jenkins
Type
CI/CD
The Qualys Host Scanning Connector empowers DevOps teams to automate the VM scanning of host and EC2 cloud instances from Jenkins. By integrating scans this way, Host or Cloud instance security testing is accomplished to discover and eliminate security flaws.
Read moreQualys Applications supported
VM
Qualys Container Scanning Connector for Atlassian Bamboo
Type
CI/CD
Qualys Container Security provides discovery, tracking, and continuous protection for container environments. This addresses vulnerability management for images and containers in their DevOps pipeline and deployments across cloud & on-premise environments. Atlassian Bamboo users can integrate with Qualys Container Security to get the vulnerability analysis of images in the build environment. You need to buy a Qualys subscription to deploy and use the plugin. Install the Container Sensor on the Build host (nodes) where the images are being created. The sensor performs a vulnerability analysis of the images configured in the connector. The Bamboo connector provides a detailed list of the vulnerabilities directly within the connector. You can optionally access your Qualys subscription to view the full report.
Read moreQualys Applications supported
CS
Qualys Policy Compliance Scanning Connector for Jenkins
Type
CI/CD
The Qualys Policy Compliance Scanning Connector empowers DevOps to automate the PC scanning of host or cloud instances from Jenkins. By integrating scans in this manner, Host or cloud instance security testing is accomplished to discover and eliminate policy compliance-related flaws.
Read moreQualys Applications supported
PC
Qualys Connector for Atlassian Jira
Type
Ticketing
Qualys integration with Jira helps organizations automate vulnerability remediation workflows by providing real-time visibility into vulnerability status and streamlining IT & Security operations to reduce the time for remediation. This integration helps you to bring vulnerability context in Jira and to streamline the overall vulnerability tracking process along with the owners. The best part is that we support both Cloud and on-premises Jira instances.
Read moreQualys Applications supported
VM
WAS
CS
Qualys Web App Scanning Connector for Atlassian Bamboo
Type
CI/CD
With a valid Qualys WAS account, you can configure the plugin to fail the build if certain criteria are met, such as the presence of specific QIDs or a severity 5 vulnerability. Scan results can be viewed directly in Bamboo, and a link to the full scan report in the Qualys UI is also provided. The plugin supports all Qualys shared platforms and customers using a private cloud platform (PCP)
Read moreQualys Applications supported
WAS
Qualys Cloud Agent for VMware Tanzu
Type
PaaS
With Qualys Cloud Agent deployed in your VMs, you can receive continuous network security updates through the cloud.
Read moreQualys Applications supported
CA
Qualys IaC Security CLI
Type
CI/CD
The Qualys IaC app provides quick & reliable way to assess your Infrastructure-as-a-Code templates and uncover potential vulnerable situations. The QIaC provides you with an interface to interact with Qualys IaC module in a simple way.
Read moreQualys Applications supported
TC/IaC Security
Qualys WAS Burp Extension
Type
CI/CD
The Qualys WAS Burp extension provides a way to easily push Burp scanner findings to the Web Application Scanning (WAS) module within the Qualys Cloud Platform. As a Qualys WAS customer, you can view and report Burp issues alongside WAS findings for a complete picture of your web application's security posture.
Read moreQualys Applications supported
WAS
AD Connector
Type
Inventory
Security teams must account for all Active Directory-managed assets, but they often rely only on IP scans and spreadsheets to inventory these assets. This creates coverage gaps and blind spots, leaving assets unmanaged in their VM program. Active Directory also contains device data critical to security posture, but organizations struggle to extract the data in a form that can be operationalized.That’s why Qualys CyberSecurity Asset Management (CSAM) has introduced the Microsoft Active Directory connector. In addition to powerful native discovery methods, CSAM has added the ability to discover all Active Directory-managed assets and specific business context stored in AD. This allows security teams to uncover blind spots in their attack surface and enrich managed assets with critical business context. It also bridges the IT security gap, aligning teams with consistent and accurate asset data in AD and VMDR. By reducing the coverage gap in VMDR and other security programs, organizations accelerate risk-based vulnerability prioritization with critical business context.
Read moreQualys Applications supported
CSAM
BMC Helix Connector
Type
Inventory
The Qualys BMC Helix CMDB Connector automatically synchronizes comprehensive information about your global IT resources for Qualys Asset Inventory to monitor continuously. The BMC Helix Connector leverages Qualys' highly distributed and scalable cloud platform and various data 'collection tools, including Qualys Cloud Agents, to compile and continually maintain a complete inventory of your IT assets. The connector offers two-way synchronization, allowing you to discover Qualys assets in your BMC Helix environment.
Read moreQualys Applications supported
CSAM
Qualys Technology Add-On for Splunk Enterprise
Type
SIEM
The IntSights integration with Qualys combines IntSights Vulnerability Risk Analyzer™ with Qualys Cloud Platform for complete visibility into assets and prioritized vulnerabilities across the enterprise. Security teams get relevant risk-scored CVEs enriched with external threat intelligence, revolutionizing the vulnerability patch management process. This robust integration enables joint customers to instantly sync vulnerabilities from Qualys and prioritize CVE patching based on risk severity.
Read moreQualys Applications supported
VM
PC
WAS
CS
FIM
EDR
SEM
Add Third-Party Risk Factors to TruRisk Today
"With the Qualys CMDB Sync into the Service Graph Connector, customers can further simplify asset life cycle management while improving their security posture."
- Jeff Hausman, VP and General Manager of IT Ops, Security, and CMDB, ServiceNow
With the Qualys CMDB Sync into the Service Graph Connector, customers can further simplify asset life cycle management while improving their security posture.
Jeff Hausman
P and General Manager of IT Ops, Security, and CMDBWe use Qualys as a way to paint a picture of security and feed it to our executives.
Chris Lalonde
Senior Manager, Information Security, eBayAs soon as we introduced Qualys’ APIs into the environment, we cut the time to less than 24 hours.
Emmanuel Enaohwo
Senior Manager for Vulnerability / Configuration Management, Capital OneQualys has allowed us to gain visibility to vulnerabilities that we’ve never had access to, especially since our workforce is typically mobile and at client sites.
