Qualys Web Application Vulnerable Item Integration
The Qualys Web Application Vulnerable Item Integration syncs data from the Qualys platform to the sn_vul_app_vulnerable_item table of ServiceNow. The following table shows the mapping between Qualys and the ServiceNow UI:
|
Field in Qualys WAS API Response XML |
Corresponding Field on ServiceNow UI |
Expected Values |
|---|---|---|
|
<webApp> .. <id>web_app_id</id> .. </webApp> |
Source Application ID |
Web app ID |
|
<uniqueId> |
Source AVIT ID |
unique Id from API response |
|
<qid> |
Vulnerability |
|
|
source_scan_id |
Source Scan ID |
|
|
<severity> |
Source Severity |
Severity of the vuln detection (1 to 5) |
|
<webApp> .. <name>web_app_name</name> .. </webApp> |
Application Release |
Web app name |
|
<firstDetectedDate> |
First Found |
|
|
<lastDetectedDate> |
Last Found |
|
|
Deferral date |
ignore_date |
|
|
Deferral notes |
ignore_reason |
|
|
<lastTestedDate> |
Last Scan Date |
|
|
Last Opened |
|
|
|
Name |
Scan summary name |
QID title |
|
Name |
Short Description |
Combination of QID and Web App name |
|
Source |
Qualys (Hardcoded) |
|
|
<PayloadInstance> <payload> + <request> </PayloadInstance> |
Source Request |
|
|
<response> |
Source Response |
|
|
Source link |
Link to the findings on the Qualys UI |
|
|
<PayloadInstance> <request> <link> </link> </PayloadInstance> |
Location |
|
|
<Finding> <name> qid_title </name> </Finding> |
Summary |
QID title |
|
from KB to AVIT table |
Vulnerability Summary |
QID title (from KB) |
|
from KB to AVIT table |
Vulnerability explanation |
DIAGNOSIS from QID (KB) |
|
from KB to AVIT table |
Recommendation |
SOLUTION from QID (KB) |
|
<status> |
Source Remediation Status |
Status of the respective detections |
STATE and REASON fields are mapped based on 'Source Remediation Status' field and sn_vul_app_state_map table.