Create User-Defined Controls

You can create a customized control using QFlows created in the Qualys Flow module.  


To create a customized control using QFlows, you need the Manage Custom Control permissions in TotalCloud and Read permissions in Qualys Flow.

If the Manage Custom Control permission is not enabled, the Create Control button is not available. 

For details on permissions, refer to Manage Custom Control Permissions

Create Your Customized Control using QFlow 

You can create your own customized control and associate the required controls to be evaluated for the custom policy.

Note: Currently, you can create customized controls for Amazon Web Services (AWS) and Microsoft Azure.

1) Navigate to Policy > Controls > Preferred Cloud Provider(AWS/Azure). 

(2) Click Create Control > Run Time. Show meShow me

(3) Provide the basic details for the control such as Name, Description, select the Criticality and cloud Provider, and click Next. Show meShow me

(4) Click  icon to include QFlow that is created in Qualys Flow app. Show meShow me

If you do not have Read Permissions to Qualys Flow module, the  icon is not available. For details on permissions, refer to Manage Custom Control Permissions

For more information on the Qualys Flow application, refer to Qualys Flow Getting Started Guide.

(5) Select the QFlow from the list and click Add to control. Show meShow me

For the QFlow to be displayed in the list, in the Qualys Flow application, the TotalCloud node should be added while creating the QFlow and the QFlow should be deployed (enabled).

(6) The QFlow is added in the control, click Next.

(7) Fill in the additional details for your reference, like the objective of adding this control in Rationale, remediation steps if you want to suggest in Remediation, References and click Next.

(8) Review the details of your control and click Create Control. 

That’s it. Your customized control is ready to use.

Associate the control to a user-defined policy to be evaluated for the custom policy. For details on creating a custom policy, refer to Build Your Policy.