Improve the efficiency of your vulnerability management and maximize your budget by instantly importing known issues found on your Qualys WAS scans into Crowdcontrol. Automatically importing these known issues will leverage Crowdcontrol's triage engine to seamless identify any incoming duplicate submissions from Bugcrowd researchers. Follow the steps below to integrate Qualys with Crowdcontrol.
Note: Qualys WAS Data Import
Crowdcontrol will check for new Qualys WAS scan data to import every hour and import new scan data.
First, select the
Settings page on the Crowdcontrol navbar.
Next, select the
Integrations tab and select the gray, Qualys
Once on the Qualys integration settings, enter in the integration name. This name will appear within Crowdcontrol.
Then select the correct API Location to configure your Qualys WAS. When selecting the correct API location, first identify your Qualys WAS login URL. For example,
https://qualysguard.qg2.apps.qualys.com. Once identified, your API location will be the same as your Qualys account login except you instead of
qualysguard the API location will be
qualysapi. So for the login URL example above, the corresponding API location would be
Enter your Qualys WAS username and password. Select the blue
Test Authorization button to confirm Qualys has been properly integrated to Crowdcontrol. Once confirmed, select the blue
Next, select the
Web Application Configuration tab on the left-hand side.
Configure the web application scans you would like to import into Crowdcontrol by toggling each web scan to the right. A green toggle notifies the web application scan has been successfully configured. Import one or multiple scans by toggling each one.
Once your Quays web application scans have been configured, ensure the Qualys integration is enabled by moving the
Integration Status toggle to the right as seen below.
Imported Qualys submissions will automatically be imported at an "Unresolved" status. These submissions can be identified by the Qualys logo shield as seen in the image below.
When Qualys submission is identified and fixed in a scan, Crowdcontrol will automatically move the submission from an 'Unresolved' state to the 'Resolved' state as seen below.
You can identify Qualys submissions in the submission inbox by the Qualys logo shield located below the submission's priority. To filter your inbox to show only Qualys submissions, use the
Source filter shown in the image below.
Learn More: Submission Inbox Filters
The submission inbox provides customizable filtering. Learn more about the inbox filtering here.