Vulnerability Management - Qualys (Job) - V2

Use the latest Qualys report to manage vulnerabilities. This playbook runs as a job, and by default creates incidents of type "Vulnerability" based on assets and vulnerabilities. The incidents are created from the latest version of the report determined by the report timestamp. You can define the minimum severity (minSeverity) that incidents are created for. Duplicate incidents are not created for the same asset ID and QID. This playbook is a part of a series of playbooks for Qualys vulnerability management and remediation. For this series of playbooks to run successfully, create a Job and do the following: 1. Assign this playbook to the Job 2. Enter the Qualys XML report name into the "Details" field 3. Associate the "Vulnerability" type incident to the "Vulnerability Handling - Qualys" playbook.

Qualys · 13 tasks · 2 inputs · 0 outputs

Inputs

  • QualysReportTitle — The report title as it appears in Qualys. Has to be in XML format.
  • MinSeverity — The minimum Qualys severity (1 -5) to create incidents for

Commands used

closeInvestigation qualys-report-fetch qualys-report-list

Flowchart

YES yes yes Start Start Get Qualys reports list - qualys-report-list Get Qualys reports list qualys-report-list Is there a valid report? Is there a valid report? Done Done Create incidents from the Qualys report Create incidents from the... Create incidents from the Qualys report - QualysCreateIncidentFromReport Create incidents from the... QualysCreateIncidentFromReport Is Qualys enabled? Is Qualys enabled? Get report - qualys-report-fetch Get report qualys-report-fetch Set context - Set Set context Set Close Investigation - closeInvestigation Close Investigation closeInvestigation Get report from Qualys Get report from Qualys PrintErrorEntry - PrintErrorEntry PrintErrorEntry PrintErrorEntry Is there any report? Is there any report?