Overview


About

Web apps, often plagued by vulnerabilities and misconfigurations due to poor coding and faulty hardening policies, can be put on your network by almost anyone. Large organizations have hundreds, even thousands of apps. Qualys WAS gives you visibility and control by finding official and “unofficial” apps throughout your environment and letting you categorize them.

When integrated into the Vulcan Platform, you'll be able to review website vulnerabilities on your assets while leveraging the power of Vulcan Cyber discoverability and automation.


Prerequisites and User Permissions

You can either use an existing user, making sure it has the required permissions and assigned roles, or create a new user for the Qualys WAS integration.

Step A: Set up an API role in Qualys WAS

  1. Go to Administration > Role Management

  2. Edit an existing role or create a new role with the following permissions.

    The Role access and permissions required are API Access and Web Application Scanning Module.


Step B: Assign the Role to the relevant user

Assign the created role to a user. In this example, we created a dedicated role called "WAS API" and assigned it to the user we are using for the integration.

  1. Go to Administration > User Management > Click on the relevant user and then click Actions > Edit.

  2. Go to Roles and Scopes.

  3. Add the created role to the Assigned roles of this user.



Configure the Qualys WAS Connector

  1. Log in to your Vulcan Cyber dashboard and go to Connectors.

  2. Click on Add a Connector.

  3. Click on the Qualys WAS icon.

  4. Enter the following information into the connector setup page.

  5. Click the Test Connectivity button to verify that Vulcan Cyber can connect to your Qualys WAS instance, then click Create (or Save Changes).

  6. Allow some time for the sync to complete. You can review the sync status under Log.

  7. To confirm the sync is complete, navigate to the Connectors tab to check the sync status. Once the Qualys WAS icon shows Connected, the connection is complete.


From Qualys WAS to the Vulcan Platform - Fields Mapping

Connector Fields Mapping

| Qualys WAS | Vulcan field |
|---|---|
| WebApp name | Website name |
| Created date | Launch date |
| Type | Type |
| QID | QID |
| Severity | Severity |
| First detected date | First seen |
| Last detected seen | Last seen |
| URL | URL |
| External ID | External ID |
| Start sync timestamp | Vulcan Update timestamp |
| Result list | Result list |
| CWE List | CWE |
| OWASP Name | OWASP Name |
| OWASP URL | OWASP URL |

Vulnerability Score Mapping

| Qualys WAS Score | Vulcan score |
|---|---|
| 5 | 10 |
| 4 | 7.5 |
| 3 | 5 |
| 2 | 2.5 |
| 1 | 0 |
| 0 | 0 |

Vulnerability Status Mapping

| Qualys Status | Vulcan Status |
|---|---|
| Any status other than "Fixed" | Vulnerable |
| Fixed | Fixed |


Locate Qualys WAS vulnerabilities in the Vulcan Platform

As Qualys WAS discovers vulnerabilities, the Vulcan Platform connector imports those vulnerabilities for reporting and action. With many assets and vulnerabilities, discovering specific vulnerabilities via source is made easy with filters.

  1. Open the Vulcan Platform dashboard and navigate to Vulnerabilities. Click on the Search or filter vulnerabilities search box, scroll to the Vulnerability Source option, and click to filter by the vulnerability source or Connector.

  2. Locate Qualys WAS on the vulnerability source list and click to filter results.

  3. Click on any vulnerability to view further information.


Locate Qualys WAS assets in the Vulcan Platform

To locate all synced website application assets from Qualys WAS, go to the Assets tab in Vulcan Cyber.

  1. Open the Vulcan Cyber dashboard and navigate to Assets > Websites tab.

  2. Click on the Search or filter websites input box and select Connector from the drop-down selection.

  3. Locate the Qualys WAS option to view all synced assets.


Automate Qualys WAS vulnerability actions in the Vulcan Platform

Large environments quickly become unmanageable if constant manual attention and action are necessary to remediate vulnerabilities. Take advantage of the automation capabilities of Vulcan Cyber and the Qualys WAS connector.

Click here to learn how to create automation in the Vulcan Cyber Platform.
