Get Started with Azure Sentinel Integration
Microsoft Azure Sentinel is a cloud-native SIEM and security analytics platform that provides centralized threat detection, investigation, and response across hybrid and multi-cloud environments. This connector integrates Qualys Vulnerability Management, Detection and Response (VMDR) with Azure Sentinel to export vulnerability findings and security posture data via APIs, enabling near real-time visibility, advanced analytics, and correlation of Qualys VMDR detections within the Sentinel console for faster risk identification and remediation.
You can now access Qualys vulnerability assessment findings in Azure Sentinel.
Azure Sentinel provides a comprehensive view of the high-priority security alerts and compliance status across your accounts. By integrating the findings from Qualys Vulnerability Management (VM/VMDR) with Azure Sentinel, you get near real-time, up-to-date visibility of your security posture in the Azure Sentinel console. These findings, gained by correlating Qualys information with other data in Azure Sentinel, allow you to quickly detect risks and take rapid, automated remedial actions.
Prerequisites
The following prerequisites must be met for integrating Qualys with Azure Sentinel:
- Ensure that you accept all the Qualys Terms and Conditions and reach out to the Qualys Support team for the integration process.
You can access the integration API only after accepting the Terms and Conditions provided by Qualys.
- Qualys Applications: Vulnerability Management (VM/VMDR), Cloud Agent (CA).
Ensure that you have executed scans and the scan reports (including vulnerability information) are available in your user account.
- Qualys Sensors: Virtual Scanner Appliances or Cloud Agents, as required.
- Ensure API Access permission is enabled for the user account.
- Manager or Unit Manager role
- Ensure that you have created a Log Analytics Workspace on the Azure Sentinel console.
Currently, the Azure Sentinel integration supports findings from the VM/VMDR app only.
Get Started
Quick Steps: Integrating Azure Sentinel with Qualys
The following is the user flow for integrating Qualys with Azure Sentinel:
- Create Workspace.
- Configure integration with Qualys Enterprise TruRisk™ Platform using Available APIs.
Additional Resources
You might already be familiar with Qualys Cloud Suite, its features, and user interface. If you are new to Qualys, we recommend the overview tutorials below.
From the Community
Qualys Training | Free self-paced classes, video series, online classes
Qualys Documentation | Getting started guides, quick references, API docs
Video Tutorial
Video tutorials get you familiar with the basics.
Vulnerability Management, Detection and Response (3 mins)