Qualys

Together, ThreatConnect and Qualys enable data-driven patching prioritization for the risk management and SOC teams. The integration helps organizations see where threats and vulnerabilities cross paths and understand where the organization is most at risk. It does this by matching Common Vulnerabilities and Exposures (CVE) data from sources in ThreatConnect against Qualys scan results. Any matching unpatched vulnerabilities found within Qualys are tagged accordingly in ThreatConnect, with the option to store scan result details as an attribute. In addition, tasks can be created to notify users of the matching vulnerabilities and the need for further action. Scan result details will be provided as an attribute of the task or a document associated with the task.

With the Qualys VM Playbook app, you can launch scans, get scan reports and get host detections. The playbook app will increase accuracy and efficiency by analysts from routine tasks and increasing response time and accuracy.

The following actions are available within the Playbook App:

• Launch Scan - Create and launch a Scan in the user's account. Returns a Scan ID to use for getting reports.
• Get Scan Report - Get the latest scan results based on Scan ID. Choose from brief or extended results. It's recommended to configure Retry for this action.
• Get Host Detections - Find Hosts by CVE. It's recommended to configure Retry for this action.

This listing can be found in the ThreatConnect App Catalog under the name: Qualys VM