Field Mappings

The Qualys TotalAppSec connector automatically creates or updates work items in Azure DevOps based on Qualys's findings. This process involves incorporating specific fields from Qualys, such as the finding IDs, QIDs, vulnerability title, severity, asset information, and finding details, into the Azure DevOps work item.

Ticket State Field Mapping

The ticket state changes according to the finding status. The mapping is provided below:

AzureDevops Field Name

Qualys TAS Field Name

To Do

NEW, ACTIVE, REOPNED, PROTECTED, RETEST

Done 

FIXED

Ticket Priority Field Mapping

Severity indicates the risk level of security issues identified in the TAS finding. It helps classify and prioritize the most critical threats that could impact the application’s security. Findings with the highest severity will be prioritized first.

The mapping is provided below:

AzureDevops Field Name

Qualys TAS Field Name

Priority 1 

Severity 5,4

Priority 2 

Severity 3

Priority 3

Severity 2

Priority 4

Severity 1

 

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.