Skip to content

Qualys

1. Introduction

Qualys is a cloud-based security and compliance platform that provides continuous monitoring of IT infrastructure for vulnerabilities, misconfigurations, and security risks. It enables organizations to identify vulnerabilities, manage assets, and ensure compliance across on-premises, cloud, and hybrid environments.

It plays a foundational role in enterprise security programs by enabling continuous identification, assessment, and remediation of security risks across systems, applications, and network infrastructure.

The Qualys platform supports multiple security capabilities including:

  • Vulnerability Management

  • Asset Inventory

  • Patch Management

  • Configuration Assessment

  • Threat Detection

  • Compliance Monitoring

Qualys exposes REST and XML-based APIs that allow integration with external platforms such as Fabrix RDAF. These APIs enable automated retrieval of vulnerability data, asset information, scan results, and security findings.

The Qualys RDAF extension enables ingestion of security data from the Qualys platform into Fabrix pipelines for analytics, reporting, and automated remediation workflows.

2. Prerequisites

  • Fabrix.ai RDAF Platform requires a Qualys API user account with read-only access.

  • The integration uses API authentication with username and password to access Qualys APIs.

  • The API user should have read access to required modules such as:

    • Vulnerability Management (VMDR)

    • Asset Management

    • Host Inventory

    • Scan Results

This ensures RDAF can retrieve security and vulnerability information without modifying configurations.

3. Steps to Create a Read-Only API User in Qualys

3.1 Log in to the Qualys Console

  • Access the Qualys platform URL for your region (US, EU, etc.).

  • Sign in using Manager-level credentials.

3.2 Navigate to User Management

  • Go to AdministrationUsers

(In some UI versions, it may be under "Account Management" → "Users")

3.3 Create a New User

  • Click New -> User

  • Enter required details

  • Provide a Username

  • Provide a First Name

  • Provide a Last Name

  • Enter the Business Email Address for the user

3.4 Assign Read-Only Permissions

1. Under Roles or Permissions, assign the Reader role.

2. Select the appropriate Business Unit if applicable

3. Enable access only to required modules, such as:

- Vulnerability Management

- Asset Inventory

Follow the principle of least privilege when assigning permissions, Using the given user privilege qualys_api_user_creation

3.5 Enable API Access

  • Ensure API Access is enabled for the user.

  • Check that the necessary modules are configured to support API access.

3.6 Save User

  • Click Save to create the account.

  • Provide credentials securely to the integration administrator.

4. Post-Creation Validation

After creating the API user:

  • Confirm the user appears in the Users list

  • Test API authentication using Qualys API endpoint

  • Validate connectivity from the RDAF platform

Authentication is typically performed using Basic Authentication with username and password.

5. API Reference Documents

Qualys API documentation:

  • The Qualys Developer Documentation can be found here.

  • Access the Qualys API Documentation Portal here.

6. Asset Inventory

  • User can use the following command to fetch information about hosts and assets
GET /qps/rest/2.0/search/am/hostasset

7. Vulnerability Detection

  • Use the following command to retrieve vulnerability findings for hosts.
GET /api/2.0/fo/asset/host/vm/detection

8. Scan Results

Retrieve vulnerability scan results using the below given command

GET /api/2.0/fo/scan

9. Adding Qualys Credential in RDA Integration

  • Login to the CFX RDAF Portal

  • Navigate to:HomeConfigurationRDA Integrations → Click Add → select Qualys from the Source drop-down.

10. Enter the Below Details to Add Qualys as a Datasource

  • Secret source Type - qualys
  • Name . (Eg- qualys_fabrix )
  • Hostname - qualys IP address
  • Username - qualys Username
  • Password - Password
  • Timeout (sec) - 60 (Default)

Click Check Connectivity to validate connection -> Click Save to add the integration.

11. Sample Usage of Synopsys Bot in a Pipeline

  • @qualys:hosts
%% stream = no and limit = 0

## Qualys Host Inventory Collection

@c:new-block
--> @dm:empty
--> @dm:addrow qualys_host = 'qualysapi.qualys.com'
--> @qualys:hosts column_name ="qualys_host"
--> @dm:save name = "qualys-hosts"

@qualys:vulnerabilities

%% stream = no and limit = 0

## Qualys Vulnerability Collection

@c:new-block
--> @dm:empty
--> @dm:addrow qualys_host = 'qualysapi.qualys.com'
--> @qualys:vulnerabilities column_name ="qualys_host"
--> @dm:save name = "qualys-vulnerabilities"

12. List of Qualys Bots Available

Here is the list of available Qualys Bots according to the Fabrix Qualys extension documentation.

1. @qualys:hosts

2. @qualys:vulnerabilities

3. @qualys:scans

4. @qualys:tags

5. @qualys:alerts

6. @qualys:agents

These bots allow RDAF pipelines to ingest vulnerability data, asset inventory, and scan results from the Qualys platform.