Welcome to Bugcrowd's Product Documentation Center

You'll find comprehensive guides and documentation to help you start working with Bugcrowd as quickly as possible.

Qualys

Automatically import Qualys WAS scan data into Crowdcontrol

Improve the efficiency of your vulnerability management and maximize your budget by instantly importing known issues found on your Qualys WAS scans into Crowdcontrol. Automatically importing these known issues will leverage Crowdcontrol's triage engine to seamless identify any incoming duplicate submissions from Bugcrowd researchers. Follow the steps below to integrate Qualys with Crowdcontrol.

Note: Qualys WAS Data Import

Crowdcontrol will check for new Qualys WAS scan data to import every hour and import new scan data.

Qualys Integration Set Up

1. Navigate to the settings page

First, select the Settings page on the Crowdcontrol navbar.

2. Select Integrations

Next, select the Integrations tab and select the gray, Qualys Configure button.

3. Enter Integration Name

Once on the Qualys integration settings, enter in the integration name. This name will appear within Crowdcontrol.

4. Select the API Location

Then select the correct API Location to configure your Qualys WAS. When selecting the correct API location, first identify your Qualys WAS login URL. For example, https://qualysguard.qg2.apps.qualys.com. Once identified, your API location will be the same as your Qualys account login except you instead of qualysguard the API location will be qualysapi. So for the login URL example above, the corresponding API location would be https://qualysapi.qg2.apps.qualys.com.

5. Enter Username & Password

Enter your Qualys WAS username and password. Select the blue Test Authorization button to confirm Qualys has been properly integrated to Crowdcontrol. Once confirmed, select the blue Saved button.

6. Select the Web Application Configuration Tab

Next, select the Web Application Configuration tab on the left-hand side.

7. Configure Web Application Scans

Configure the web application scans you would like to import into Crowdcontrol by toggling each web scan to the right. A green toggle notifies the web application scan has been successfully configured. Import one or multiple scans by toggling each one.

8. Enable Integration

Once your Quays web application scans have been configured, ensure the Qualys integration is enabled by moving the Integration Status toggle to the right as seen below.

Qualys WAS Vulnerabilities in Crowdcontrol

Identify Qualys Submission

Imported Qualys submissions will automatically be imported at an "Unresolved" status. These submissions can be identified by the Qualys logo shield as seen in the image below.

Qualys Submissions Auto-Resolved

When Qualys submission is identified and fixed in a scan, Crowdcontrol will automatically move the submission from an 'Unresolved' state to the 'Resolved' state as seen below.

Submission Inbox

You can identify Qualys submissions in the submission inbox by the Qualys logo shield located below the submission's priority. To filter your inbox to show only Qualys submissions, use the Source filter shown in the image below.

Learn More: Submission Inbox Filters

The submission inbox provides customizable filtering. Learn more about the inbox filtering here.

Qualys

Automatically import Qualys WAS scan data into Crowdcontrol