Get Started with OCI BYOL Support

BYOL is a Bring Your Own License. This feature lets you use Oracle Cloud Infrastructure (OCI) with their Own Qualys License. BYOL enables Qualys VM scanning for instances on OCI. OCI Vulnerability Scanning Service (VSS) is integrated with Qualys. VSS can set up Qualys Agent on OCI instances.

Users can configure a Qualys Agent-based scan from the OCI console. Qualys agents collect the instance data and push it to Qualys VMDR, where scanning is performed. The count of unique vulnerabilities out of the identified or detected vulnerability and then forward the result to VSS.

VSS displays the results in the VSS application and forwards them to Cloud Guard for global alerting of security problems. Qualys VMDR, VSS, and Cloud Guard provide the complete security posture of the instances.

Prerequisites

For using BYOL feature, the following are the prerequisites:

• Ensure that Oracle has enabled the OCI BYOL features for your account. Oracle VSS is required for the functionality of this feature.
• Ensure the VSS agent is installed.
• Set up policies:
  • Grant access to the VSS service.
  • Grant permission to a group of administrators to access VSS.
  • For more details on policies, refer to Appendix A.