Onboarding

Onboarding is the process through which Qualys sets up the necessary configurations for you to perform compliance scans to assess the compliance status of your assets. This reduces the effort and time required to set up, configure, and start using PC for compliance assessment.

Note: This feature is available by default only to the new customers. It's not available to the existing customers.

Key Highlights

• A wide array of industry standards tailored to your business needs to choose your compliance framework.


• Activate your assets for policy compliance automatically.


• Automatically import required policies, launch scans, and build insightful dashboards.

Prequisites

• Qualys Vulnerability Management must be available in your subscription and at least one VM scan (agent scan) should have been completed.
   
• Qualys Cloud Agent (for VM and PC) must be available in your subscription.

Onboarding Workflow

Navigate to the Home page and then perform the following three simple steps:

Step -1 Select Frameworks

Frameworks/ mandates are regulatory or good practice standards, compliance frameworks designed by government organizations. A wide array of industry standards tailored to your business needs are displayed to choose your compliance framework. Select the desired frameworks you want to comply with.

Step- 2 Select Technologies

Choose technologies to evaluate compliance posture on your assets by assessing the selected technology. The Select Technologies page displays the list of technologies and Cloud Agents identified by your VM scan.

We provide you with two ways to quickly get started. 

• Auto-enable PC for all agents: Auto enable PC for Cloud Agents by selecting detected technologies in your subscription.


• Manually enable PC for the agents: Activate PC for the specified Cloud Agents and then select technologies detected by these Cloud Agents.

Step-3 Set Priority of Benchmarks

Drag and drop to set the benchmark priority to let the system know the recommended order for importing policies tailored to your business requirements, such as CIS, DISA, Vendor, or Qualys.

Automated Processes Initiated After Onboarding

Once the onboarding is initiated, the following activities happen automatically:

• Cloud Agents are activated for policy compliance.


• Required policies are automatically imported for the compliance assessment. 
• Based on the selection of technologies the appropriate asset tags for technologies are created and are assigned to respective policies and Cloud Agents.


• Based on these imported policies the compliance scan is performed.


• A default compliance dashboard is created to visualize the compliance posture. The dashboard provides a summary of your overall compliance status. It displays the compliance posture of the organization in terms of the underlying security baseline against selected frameworks.
  
  Later, If you want to add/remove the frameworks/mandates that have been added during onboarding process to display compliance posture on the default compliance dashboard then you can do so by using the Framework Display Preference policy setup option. For more information refer to Policies Setup help topic.