The requirements to fulfill from your Qualys account configurations to start with the Jira Connector.
Ensure you have a valid Qualys subscription with API access enabled for Host Detection, Knowledgebase, WAS finding APIs and Container Security APIs.
Refer below to find the API URLs for Knowledgebase, Host Detection, WAS Findings and Container Security with their required roles and permissions.
/api/2.0/fo/knowledge_base/vuln/?action=list
|
Role |
Permissions |
|---|---|
|
Manager, Unit Manager, Scanner, Reader |
Download vulnerability data from the KnowledgeBase. |
|
Auditor |
No permission to download vulnerability data from the KnowledgeBase. |
Host DetectionsHost Detections
/api/2.0/fo/asset/host/vm/detection/
|
Role |
Permissions |
|---|---|
|
Managers |
View all VM scanned hosts in subscription |
|
Unit Managers |
View VM scanned hosts in the user’s assigned business unit. |
|
Scanners and Readers |
View VM scanned hosts in the user’s account. |
|
Auditors |
Have no permission to view VM scanned hosts. |
Refer to Qualys API (VM, PC) User Guide for more.
WAS Findings
/qps/rest/3.0/search/was/finding
Permissions required
User account must enable WAS module with the permission -
Access Permission “API Access”.
Refer to Qualys API (WAS) User Guide for more.
Permissions required
Refer to Qualys Container Security API User Guide for more