Qualys

Improve the efficiency of your vulnerability management and maximize your budget by importing known issues found by your Qualys WAS scans into Crowdcontrol. Importing known issues into Crowdcontrol enables our Application Security Engineers (ASEs) to identify incoming researcher submissions that duplicate those issues.

Setting up Qualys Integration in Crowdcontrol

You can integrate Qualys with Crowdcontrol.

Qualys WAS Data Import: Crowdcontrol checks every hour for new Qualys WAS scan data and imports any new scan data it finds.

  1. Go to your program’s Settings tab and then click Integrations.

  2. Click Add Integrations for Qualys.

    The Authorization page is displayed, where you authorize Crowdcontrol to access your Qualys account.

  3. Provide the following information:

    • Name: Enter the name of the integration to be displayed in Qualys.

    • API Location: Select the API endpoint where your Qualys instance runs. To select the correct API location, first identify your Qualys WAS login URL, for example https://qualysguard.qg2.apps.qualys.com. Your API location is the same as your Qualys account login URL, except that qualysguard is replaced with qualysapi. For the preceding login URL, the corresponding API location is therefore https://qualysapi.qg2.apps.qualys.com.

    • Username: The username of the Qualys WAS account you will be using to connect.
    • Password: The password of the Qualys WAS account you will be using to connect.
  4. Click Test Authorization to confirm that Qualys is properly integrated with Crowdcontrol. Once confirmed, click Save and Connect.

  5. Click Web Application Configuration on the left pane.

  6. Configure the Web Application Scans you want to import into Crowdcontrol by toggling each web scan to the right. A green toggle indicates that the web application scan has been successfully configured. You can import one or multiple scans by toggling each web scan.

  7. Specify the filters to apply when importing Qualys WAS scans. Up to 7 WAS filters can be specified. The filters currently in use are shown in the Current Active Filter section. Once the filters are updated and saved, they become the new Active Filters and are applied when importing the next set of Qualys scans.

  8. Enable Qualys integration by moving the Integration Status toggle to the right.
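
The API Location rule from step 3, as an added example (not Crowdcontrol or Qualys code): it derives the qualysapi URL from a login URL and rejects input that does not match the documented pattern, so the account credentials are not entered against a mistyped host. The function name `api_location` is an assumption made for this example.

```python
from urllib.parse import urlsplit

LOGIN_LABEL = "qualysguard"  # first host label of the login URL (from the page)
API_LABEL = "qualysapi"      # first host label of the API location (from the page)


def api_location(login_url: str) -> str:
    """Derive the API Location from a Qualys WAS login URL.

    Raises ValueError instead of guessing when the URL does not follow
    the qualysguard -> qualysapi pattern described in step 3.
    """
    parts = urlsplit(login_url.strip())
    if parts.scheme != "https":
        raise ValueError("login URL must use https")
    if parts.username or parts.password or parts.port not in (None, 443):
        raise ValueError("unexpected userinfo or port in login URL")
    host = (parts.hostname or "").lower()
    first, _, rest = host.partition(".")
    # Only an exact first label counts; "qualysguard" elsewhere in the
    # host or in the path does not make the URL a Qualys login URL.
    if first != LOGIN_LABEL or not rest:
        raise ValueError(f"host {host!r} does not start with {LOGIN_LABEL!r}")
    # Replace only the first label; path, query and fragment are dropped.
    return f"https://{API_LABEL}.{rest}"


if __name__ == "__main__":
    # Login URL taken from the example in step 3.
    print(api_location("https://qualysguard.qg2.apps.qualys.com"))
```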

Qualys WAS Vulnerabilities in Crowdcontrol

Identify Qualys Submission

Imported Qualys submissions are automatically created in the Unresolved status. These submissions can be identified by the Qualys logo shield.

Qualys Submissions Auto-Resolved

When a Qualys submission is identified and fixed in a scan, Crowdcontrol automatically moves the submission from the Unresolved state to the Resolved state.

Submission Inbox

You can identify Qualys submissions in the submission inbox by the Qualys logo shield located below the submission’s priority. To filter your inbox to show only Qualys submissions, use the Source filter.

Submission Inbox Filters: The submission inbox provides customizable filtering. For more information, see submission filtering.

Qualys VMDR Vulnerabilities in Crowdcontrol

Qualys VMDR vulnerabilities that are Remediation tickets can also be imported into Crowdcontrol. Unlike WAS scans, which are imported automatically every hour, VMDR Remediation tickets are imported only when a user clicks the Import Remediation Tickets button at the bottom of the VMDR Remediation Tickets page. Before importing the Remediation tickets, users need to specify the filters. Clicking the Import Remediation Tickets button imports the filtered Remediation tickets into Crowdcontrol and also saves the current filter configuration as the active filter configuration.

Remediation Tickets

You can configure and import remediation tickets from your Qualys account into Crowdcontrol by using the filters in the VMDR Remediation tickets section.

You can filter the remediation tickets by:

  • Specific ticket numbers or ranges, ticket assignee, and ticket modified dates

  • Ticket states and validity

  • Vulnerability details and severity levels

  • Ticket IPs and asset group information

  • Text content within fields

Managing Bugcrowd Vulnerabilities Within WAS Account

For information about managing Bugcrowd-found vulnerabilities within a Qualys WAS account, see <https://qualysguard.qg1.apps.qualys.in/portal-front/module/was/#tab=was-web-applications.datalist-webapps/>.
