Below we list the required configurations and permissions necessary to run any of our available FlexScan. Refer to Configure FlexScan to get the detail steps on how to configure your preferred FlexScan.
Let's look at the Qualys and AWS configurations required to enable Zero-Touch API Scans.
Qualys Cloud Platform subscription with active TotalCloud subscription.
Enable Zero-touch API Based Scan to your subscription from Qualys Backoffice. Contact your technical account manager (TAM) for enabling it.
AWS EC2 instances that report the inventory to AWS SSM.
AWS EventBridge configurations.
Let's look at the pre-requisites to enable zero-touch snapshot-based scan.
Qualys Cloud Platform subscription with active TotalCloud subscription.
Enable Zero-touch Snapshot-based Scan to your subscription from Qualys Backoffice. Contact your technical account manager (TAM) for enabling it.
Request support to provide the required CloudFormation Templates for Service and Target account.
The TotalCloud application Connectors provides an automated way to launch the cloud perimeter scans on the publicly-exposed cloud assets based on the configuration defined in the Connector.
You must define a global perimeter scan configuration that is used by connectors to run the perimeter scan.
Or, you can enable a cloud perimeter scan while creating a connector and define a custom scan configuration for scheduling the perimeter scan only for the connector that you are creating.
Similarly, you can enable a cloud perimeter scan for AWS organization connector and define a custom scan configuration for scheduling the perimeter scan. The custom scan configuration is applied to all the member connectors during the cloud perimeter scan.
If you do not define the custom scan configuration, the global scan configuration is used for launching the perimeter scans.