Connector Centralization 3.1.0

Enhanced Connector Support

Orca Security (VM Assets) v2

The Orca Security (VM Assets) v2 connector provides enhanced visibility, threat prevention, and data protection across cloud environments by integrating Orca’s cloud asset data and security findings into the Qualys Enterprise TruRisk Platform (ETM). Using the Orca Security API, the connector seamlessly ingests asset inventory and vulnerability insights, which are then processed by Qualys TruRisk to deliver rich, contextual risk intelligence. This integration enables SecOps teams to quickly identify and remediate vulnerabilities across cloud environments using prioritized, risk-based insights.
Orca Security Online Help

Orca Security (Cloud Security)

The Orca Cloud Security connector integrates Orca’s CNAPP platform with the Qualys Enterprise TruRisk Platform by automatically ingesting cloud asset inventory and vulnerability findings through scheduled API calls. The connector supports a broad range of workload types, including Compute, Container Instances, Container Images, and Serverless environments. By consolidating Orca’s agentless detection data with Qualys TruRisk scoring into a single asset inventory, security teams gain unified visibility across multi-cloud environments. This integration eliminates manual data translation between tools and allows SecOps teams to focus on remediating the most critical risks through enhanced prioritization and contextual insights.
Orca Security Online Help

Cortex Cloud by Palo Alto Networks

The Cortex Cloud connector integrates Palo Alto Networks’ cloud security platform with Qualys Enterprise TruRisk Management, enabling organizations to ingest cloud asset and vulnerability data into a centralized risk management view. Security teams gain unified visibility into compute, serverless, and container image assets across cloud environments without the need for manual data correlation. Automated, scheduled ingestion of vulnerability findings reduces operational overhead and accelerates enterprise-wide risk assessment across hybrid cloud infrastructures. This integration helps teams make faster, more informed remediation decisions by embedding cloud-native threat data directly into existing risk management workflows.
Cortex Cloud Online Help

GitHub Advanced Security (Code Security)

The GitHub Advanced Security connector integrates application security findings from GitHub repositories into Qualys Enterprise TruRisk Management. By automatically ingesting Code Scanning (CodeQL) and Dependabot alerts, the connector consolidates application security data that is traditionally siloed across development tools. This unified visibility enables security teams to correlate code-level vulnerabilities with broader enterprise risk, improving prioritization and remediation tracking—especially for organizations managing large numbers of repositories.
GitHub Advanced Security Online Help

CheckmarxOne SAST

The CheckmarxOne SAST connector ingests static application security testing results into Qualys Enterprise TruRisk Management, enabling organizations to centralize source code and binary vulnerability findings alongside other enterprise risk data. By identifying security flaws without requiring code execution, the connector helps uncover issues that may be missed during runtime testing. Security teams benefit from consolidated application security visibility and can prioritize remediation efforts using integrated risk visualization and TruRisk Insights. The unidirectional integration performs scheduled full data pulls to ensure up-to-date vulnerability assessments.
CheckmarxOne SAST

CheckmarxOne SCA

The CheckmarxOne SCA connector brings open-source vulnerability findings from Checkmarx into Qualys Enterprise TruRisk Management, enabling centralized risk visualization, prioritization, and remediation tracking. By automatically ingesting software composition analysis data, security teams gain a unified view of open-source dependency risks alongside other security findings. This integration helps address the significant attack surface introduced by unmanaged open-source components and supports more effective allocation of remediation resources.
CheckmarxOne SCA

Snyk Open Source SCA

The Snyk Open Source SCA connector integrates software composition analysis findings from Snyk into Qualys Enterprise TruRisk Management, providing centralized visibility into software supply chain risks. By automatically importing vulnerability data and asset context, organizations can assess and prioritize open-source risks using TruRisk Insights rather than managing findings in isolated tools. The connector supports delta data pulls on configurable schedules, ensuring an up-to-date vulnerability posture with minimal operational overhead.
Snyk SCA Online Help

Snyk Code SAST

The Snyk Code SAST connector integrates static application security testing results from Snyk into Qualys Enterprise TruRisk Management. This integration addresses the challenge of fragmented application security data by consolidating SAST findings for both code repositories and generic applications into a single platform. Security teams gain centralized visibility into application-layer risks, enabling impact-based prioritization and more effective remediation decisions aligned with business risk.
Snyk Code SAST Online Help

 

© 2026 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: April, 2026