Qualys VMDR Qualys VMDR

Collect Qualys asset inventory and detected vulnerabilities

The Qualys VMDR (Vulnerability Management, Detection & Response) connector allows you to retrieve asset inventory and vulnerability data from your Qualys platform.

Overview

The Qualys VMDR connector enables you to collect the following information:

  • Asset inventory
  • Detected vulnerabilities (CVE)
  • Risk score

Prerequisites

  • Active Qualys VMDR account
  • API authentication credentials
  • API access enabled on your account

Information to provide in OverSOC

FieldDescription
Username*Qualys username
Password*Qualys password
Platform URLQualys platform URL (optional, auto-detected by default)

Configuration

Enable API access for your user

  1. Log in to your Qualys VMDR account as an administrator.
  2. Navigate to Administration > Users.
  3. Select or create a user account for API access.
  4. Assign the user a role that includes the "API Access" permission (or VMDR.API.ACCESS).
  5. Save the user configuration.

Retrieve your platform URL

Your Qualys API URL varies by platform. To find your URL:

  1. Log in to your Qualys platform.
  2. Click Help > About.
  3. Locate your platform URL (examples: qualysapi.qualys.com for US, qualysapi.eu.qualys.com for EU).

Obtain JWT token for API authentication

Qualys uses JWT tokens for API authentication:

  1. The connector will POST your username and password to the /auth endpoint.
  2. Qualys responds with a JWT token (valid for 4 hours).
  3. This token is used to authenticate subsequent API requests.

Configure the connector in OverSOC

  1. In OverSOC, go to Data Sources Settings > Sources.
  2. Select Qualys VMDR and click Configure.
  3. Fill in the fields:
    • Username: your Qualys username
    • Password: your Qualys password
    • Platform URL: your platform URL (optional, auto-detected if not provided)
  4. Click Save Configuration.

For detailed authentication information, see Qualys VMDR API Getting Started Guide.

Required Permissions

The user must have the following minimum permissions:

  • Vulnerability Management: Read
  • Asset Management: Read
  • Reports: Read
  • VMDR API access enabled
Previous← PenteraNextSilene →