Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Qualys

Reply
This is an open group. Sign in and click the "Join Group" button to become a group member and start posting.
INFOBLOX & QUALYS INTEGRATION - DEMO VIDEO
[ Edited ]
Adviser
Posts: 171
Registered: ‎09-09-2015
Adviser
Posts: 81

Hi There,

 

Infoblox and Qualys together enable security and incident response teams to leverage the integration of vulnerability scanners and DNS security to enhance visibility, manage assets, ease compliance and automate remediation. This video shows how the integration with Qualys works using Outbound API feature configuration, including three simple use cases.

 

 

The templates which were used in this video are available here:

I've attached an optional session template and a simple php script which will add EAs and fill it with the values.
Please update $NIOS_baseURL, $NIOS_User, $NIOS_PWD, $data variables based on your configuration.

Any feedback and/or questions are appreciated and are very welcome.

 

BR,
Vadim

Re: INFOBLOX & QUALYS INTEGRATION - DEMO VIDEO
Adviser
Posts: 254
Registered: ‎09-15-2008
Adviser
Posts: 8

You can also create the EA's using the WAPI '/request' object.

 

Here is the generic form of the payload as JSON  that you can use in any client:

 

POST /wapi/v2.3/request
Content-Type: application/json

[{
    "method": "POST",
    "object": "extensibleattributedef",
    "data": {
        "name": "Qualys_Asset_VM",
        "comment": "Qualys OutboundAPI integration",
        "type": "ENUM",
        "flags": "I",
        "default_value": "true",
        "list_values": [
            {"value": "true"},
            {"value": "false"}
        ]
    }
},
{
    "method": "POST",
    "object": "extensibleattributedef",
    "data": {
        "name": "Qualys_Asset_PC",
        "comment": "Qualys OutboundAPI integration",
        "type": "ENUM",
        "flags": "I",
        "default_value": "true",
        "list_values": [
            {"value": "true"},
            {"value": "false"}
        ]
    }
},
{
    "method": "POST",
    "object": "extensibleattributedef",
    "data": {
        "name": "Qualys_Scan",
        "comment": "Qualys OutboundAPI integration",
        "type": "ENUM",
        "flags": "I",
        "default_value": "true",
        "list_values": [
            {"value": "true"},
            {"value": "false"}
        ]
    }
},
{
    "method": "POST",
    "object": "extensibleattributedef",
    "data": {
        "name": "Qualys_Scan_On_Add",
        "comment": "Qualys OutboundAPI integration",
        "type": "ENUM",
        "flags": "I",
        "default_value": "true",
        "list_values": [
            {"value": "true"},
            {"value": "false"}
        ]
    }
},
{
    "method": "POST",
    "object": "extensibleattributedef",
    "data": {
        "name": "Qualys_Assets_Group",
        "comment": "Qualys OutboundAPI integration",
        "type": "ENUM",
        "flags": "I",
        "default_value": "QLab",
        "list_values": [
            {"value": "Lab"},
            {"value": "QLab"}
        ]
    }
},
{
    "method": "POST",
    "object": "extensibleattributedef",
    "data": {
        "name": "Qualys_Scan_Option",
        "comment": "Qualys OutboundAPI integration",
        "type": "ENUM",
        "flags": "I",
        "default_value": "Authenticated Scan v.1",
        "list_values": [
            {"value": "Authenticated Scan v.1"},
            {"value": "Initial Options (default)"},
            {"value": "Qualys Top 20 Options"},
            {"value": "Payment Card Industry (PCI) Options"},
            {"value": "2008 SANS20 Options"}
        ]
    }
},
{
    "method": "POST",
    "object": "extensibleattributedef",
    "data": {
        "name": "Qualys_Scanner",
        "comment": "Qualys OutboundAPI integration",
        "type": "ENUM",
        "flags": "I",
        "default_value": "TMELab",
        "list_values": [
            {"value": "TMELab"}
        ]
    }
},
{
    "method": "POST",
    "object": "extensibleattributedef",
    "data": {
        "name": "Qualys_User_SNMP",
        "comment": "Qualys OutboundAPI integration",
        "type": "ENUM",
        "flags": "I",
        "default_value": "public",
        "list_values": [
            {"value": "public"}
        ]
    }
},
{
    "method": "POST",
    "object": "extensibleattributedef",
    "data": {
        "name": "Qualys_User_Unix",
        "comment": "Qualys OutboundAPI integration",
        "type": "ENUM",
        "flags": "I",
        "default_value": "infoblox",
        "list_values": [
            {"value": "infoblox"}
        ]
    }
}]
Re: INFOBLOX & QUALYS INTEGRATION - DEMO VIDEO
[ Edited ]
Adviser
Posts: 171
Registered: ‎09-09-2015
Adviser
Posts: 81

The attached PHP script is a just a wrapper for WAPI Smiley Happy

Anyway good point about "/request


Showing results for 
Search instead for 
Did you mean: