Configure the Application

Once you install the Vulnerability Response Integration with Qualys WAS app, you need to configure it.

Configure Credentials

Perform the following steps to configure the credentials:

  1. Go to  > Qualys WAS Integration > Configuration.
  2. Select Credentials.
  3. On the Qualys Web Application Vulnerability Configuration page, enter the following details:
    1. Qualys API Server URL: Enter the API Server URL as per your subscription. For information on your API Server URL, refer to the Identify your Qualys Platform page.

    2. Username and Password: Enter valid Qualys Cloud Platform credentials for an account on the selected POD. Ensure that the credentials you use have API access enabled.

    3. Triaging in ServiceNow: Enables support for the 'Automatic Triage of Vulnerabilities' feature in the Vulnerability Response remediation workflow of the ServiceNow Vulnerability Response application.

      Select this check box to map the vulnerability (detection) state in the Vulnerable Items table, that is, the AVIT table (sn_vul_app_vulnerable_item), as per the Triage map maintained in the sn_vul_app_state_map table. The detection state is mapped based on its source state and the respective mapping to the Target Triage state. Refer to the screenshot for the default mapping configuration.

      The Target Triage state is configurable; hence you can make changes in the sn_vul_app_state_map table as per your triaging criteria.

      state_maps

  4. Use Save and Test Credentials to test the connection between ServiceNow and Qualys WAS.

    A success message is displayed when the connection is tested successfully.

Integration

Perform the following steps to configure the integration:

  1. Select the required filters from WAS Detection Filter.

    These filters are only applicable to Qualys Web Application Vulnerable Item Integration.

  2. Select the required filters to sync WAS detections based on Severity level, Vulnerability and Finding type.

    The configured filters apply either to both Confirmed and Potential detections or to Confirmed detections only, depending on whether Potential Vulnerabilities is selected.

By default, all the parameters are selected, so a run of the 'Qualys Web Application Vulnerable Item Integration' syncs all the detections available in the Qualys WAS module.

Next Step

Qualys WAS Integrations