Qualys Patch Management Workflow

With Qualys VMDR application, automatic change tickets are created to track the remediation action for the detected vulnerabilities. The change requests can create automated patch deployment jobs in Qualys Patch Management, which helps to reduce risk faster.

 This application is available for remediation owners.

The change management process included the following steps:

1. When a vulnerability is detected, it is pulled in the Qualys VMDR with the detection event rule, creating a vulnerability incident.
2. A detection event rule for change requests creates a new change ticket with vulnerability details and associated CIs This is applicable if the CIs are part of the ServiceNow CMDB.
3. When the change is approved, a deployment job is created within ServiceNow and later in the Qualys Patch Management.
4. The job status and result are then monitored, and the updates are logged into the change ticket under the deployment job.
5. The change ticket status is updated once the job is created in Qualys Patch Management.
6. After the vulnerability is remediated and the next VM scan runs, ServiceNow closes the vulnerability incident, and the change manager can then review the change and close the change ticket manually.

You can manage Qualys Patch in the following ways:

• Change Request - Review - Assessment and Approval
• Review Patch Jobs with Errors
• View Patch Deployment Jobs in Qualys Patch Management
• Create a New Patch Job Manually
• Refresh the Patch Job Status

Related Topic

Reports and Dashboards