Skip to content
Furl Docs

Qualys

Connect Furl to Qualys using API credentials for vulnerability management and asset inventory.

Description

Section titled “Description”

Qualys is a vulnerability management solution that provides asset inventory, vulnerability findings, and remediation prioritization. Furl integrates with Qualys to import asset and vulnerability data for comprehensive security risk management.

Configuration Steps

Section titled “Configuration Steps”

  1. Create a Service Account (Recommended)

    • Create a dedicated service account in Qualys specifically for API usage
    • This provides better security and auditability than using personal credentials
    • Ensure the service account has the necessary permissions for asset and vulnerability data access

  2. Get API Credentials

    • Log in to your Qualys account
    • Navigate to your user profile or API settings
    • Note your API username and password credentials

  3. Enable CVSS Scores

    • In the navigation sidebar, go to Reports
    • On the reports page, click the Setup tab
    • Open the CVSS Scoring setting tile
    • Enable the “Show CVSS Scoring” checkbox
    • Save

Required Configuration

Section titled “Required Configuration”

Provide the following in Furl:

  • Username - Your Qualys API username (or service account username)
  • Password - Your Qualys API password (or service account password)

Datasource Configuration

Section titled “Datasource Configuration”

Assets and Vulnerabilities

Section titled “Assets and Vulnerabilities”

The Assets and Vulnerabilities datasource supports the following optional configurations:

  • Severity Filter - Filter vulnerabilities by severity level. Accepts single values (1-5) or ranges (e.g., ‘1-3’, ‘4-5’). Leave empty to include all severities. Severity details can be found at Qualys Severity Levels.
  • Filter Superseded Vulnerabilities - Whether to filter out superseded vulnerabilities in the results to reduce noise

Supported Capabilities

Section titled “Supported Capabilities”

Datasources

Section titled “Datasources”
  • Assets and Vulnerabilities → Import asset inventory and vulnerability findings from Qualys to understand your security posture and prioritize remediation efforts

Actions

Section titled “Actions”

Currently no actions are supported for this integration.

Troubleshooting

Section titled “Troubleshooting”
  • Ensure your API credentials have the necessary permissions for asset and vulnerability data access
  • Check that your Qualys account has API access enabled
  • Ensure your credentials are valid by testing the connection
  • If using a service account, verify it has the required permissions and hasn’t expired