Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Qualys

Reply
This is an open group. Sign in and click the "Join Group" button to become a group member and start posting.
INFOBLOX & QUALYS INTEGRATION UPDATE 11/22/17
[ Edited ]
Moderator
Posts: 84
Registered: ‎06-21-2017
Moderator
Moderator
Posts: 69

Hello everyone,

 

Here are the updated Qualys Integration templates:

 

  • insert_qualys.json template creates an asset group by IPv4 network creation event.
  • delete_qualys.json template deletes the asset group created from insert_qualys.json.
  • qualys_host_reservation_lease_range_add.json template adds hosts, fixed IPs, leases, and ranges to Qualys side.
  • Qualys_dnsfw_tunnel_scan.json template requests Qualys to scan an asset in case of security events: DNS Firewall hit or DNS Tunneling detection.

 

I have attached the templates in both PDF and TXT format for your convenience. I’ve also attached the updated deployment guide.

 

A detailed video description on how the templates work can be found here:

 

INFOBLOX & QUALYS INTEGRATION - DEMO VIDEO

 

The older version of the templates can be found here:

 

USE CASE 1: ASSET GROUPS MANAGEMENT - INFOBLOX & QUALYS INTEGRATION

 

USE CASE 2: ASSET MANAGEMENT - INFOBLOX & QUALYS INTEGRATION

 

USE CASE 3: DNS SECURITY EVENTS - INFOBLOX & QUALYS INTEGRATION

 

 

Any feedback or questions are welcomed

 

 

Thank you,

 

Kevin Zettel

Showing results for 
Search instead for 
Did you mean: