INFOBLOX & QUALYS INTEGRATION - DEMO VIDEO
Hi There,
Infoblox and Qualys together enable security and incident response teams to leverage the integration of vulnerability scanners and DNS security to enhance visibility, manage assets, ease compliance and automate remediation. This video shows how the integration with Qualys works using Outbound API feature configuration, including three simple use cases.
The templates which were used in this video are available here:
I've attached an optional session template and a simple php script which will add EAs and fill it with the values.
Please update $NIOS_baseURL, $NIOS_User, $NIOS_PWD, $data variables based on your configuration.
Any feedback and/or questions are appreciated and are very welcome.
BR,
Vadim
Answers
-
You can also create the EA's using the WAPI '/request' object.
Here is the generic form of the payload as JSON that you can use in any client:
POST /wapi/v2.3/request
Content-Type: application/json
[{
"method": "POST",
"object": "extensibleattributedef",
"data": {
"name": "Qualys_Asset_VM",
"comment": "Qualys OutboundAPI integration",
"type": "ENUM",
"flags": "I",
"default_value": "true",
"list_values": [
{"value": "true"},
{"value": "false"}
]
}
},
{
"method": "POST",
"object": "extensibleattributedef",
"data": {
"name": "Qualys_Asset_PC",
"comment": "Qualys OutboundAPI integration",
"type": "ENUM",
"flags": "I",
"default_value": "true",
"list_values": [
{"value": "true"},
{"value": "false"}
]
}
},
{
"method": "POST",
"object": "extensibleattributedef",
"data": {
"name": "Qualys_Scan",
"comment": "Qualys OutboundAPI integration",
"type": "ENUM",
"flags": "I",
"default_value": "true",
"list_values": [
{"value": "true"},
{"value": "false"}
]
}
},
{
"method": "POST",
"object": "extensibleattributedef",
"data": {
"name": "Qualys_Scan_On_Add",
"comment": "Qualys OutboundAPI integration",
"type": "ENUM",
"flags": "I",
"default_value": "true",
"list_values": [
{"value": "true"},
{"value": "false"}
]
}
},
{
"method": "POST",
"object": "extensibleattributedef",
"data": {
"name": "Qualys_Assets_Group",
"comment": "Qualys OutboundAPI integration",
"type": "ENUM",
"flags": "I",
"default_value": "QLab",
"list_values": [
{"value": "Lab"},
{"value": "QLab"}
]
}
},
{
"method": "POST",
"object": "extensibleattributedef",
"data": {
"name": "Qualys_Scan_Option",
"comment": "Qualys OutboundAPI integration",
"type": "ENUM",
"flags": "I",
"default_value": "Authenticated Scan v.1",
"list_values": [
{"value": "Authenticated Scan v.1"},
{"value": "Initial Options (default)"},
{"value": "Qualys Top 20 Options"},
{"value": "Payment Card Industry (PCI) Options"},
{"value": "2008 SANS20 Options"}
]
}
},
{
"method": "POST",
"object": "extensibleattributedef",
"data": {
"name": "Qualys_Scanner",
"comment": "Qualys OutboundAPI integration",
"type": "ENUM",
"flags": "I",
"default_value": "TMELab",
"list_values": [
{"value": "TMELab"}
]
}
},
{
"method": "POST",
"object": "extensibleattributedef",
"data": {
"name": "Qualys_User_SNMP",
"comment": "Qualys OutboundAPI integration",
"type": "ENUM",
"flags": "I",
"default_value": "public",
"list_values": [
{"value": "public"}
]
}
},
{
"method": "POST",
"object": "extensibleattributedef",
"data": {
"name": "Qualys_User_Unix",
"comment": "Qualys OutboundAPI integration",
"type": "ENUM",
"flags": "I",
"default_value": "infoblox",
"list_values": [
{"value": "infoblox"}
]
}
}]0 -
The attached PHP script is a just a wrapper for WAPI
Anyway good point about "/request
1
Categories
- All Categories
- 5K Forums
- 4.6K Critical Network Services
- 463 Security
- Visibility and Insights
- Ideas Portal
- Webinars & Events
- 265 Resources
- 265 News & Announcements
- Knowledge Base Articles
- Infoblox Documentation Portal
- Infoblox Blog
- Support Portal
- 4 Members Hub
- 4 Getting Started with Community
- Community Support