Qualys APIs for Web Application scanning and PC

Steve160
Kilo Contributor

We are an MSP; a client is considering using his Qualys investment for Web Application (WAS) and CIS benchmark (PC) scanning to support FedRAMP accreditation requirements. We are told by Qualys that APIs do not currently exist for importation of the WAS and PC scan data, but it is on the ServiceNow roadmap, as SN develops the APIs, not Qualys. Can you advise if it is on the roadmap and a target release date?

 

 

1 ACCEPTED SOLUTION

Alex Cox
ServiceNow Employee

Hi there,

ServiceNow's Configuration Compliance app supports Qualys Policy Compliance (PC) today in the London and Kingston releases, out of the box - so that's some good news for you!

ServiceNow's APIs are comprehensive and do support the ability to load web application scan data as well. Ultimately two tables should be loaded:

  • Third Party Vulnerabilities - a table designed to save vuln definitions from vendors like Qualys
  • Vulnerable Items - a table to pair vuln defs with a given CI or hostname

These tables can be loaded via the REST API from a Qualys --> ServiceNow standpoint, or instead as a pull from Qualys REST API to ServiceNow. See Data sources, Import Sets and Transform Maps in Docs for more info on these techniques.

Unlike Policy Compliance, there is not an out of the box connector for this info at this time, but it is certainly possible to establish using the methods above. I imagine you would like this feature, so I'll forward a request on your behalf to Product Management.

Alex
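The two-table load described in the accepted answer, sketched as an added example that is not part of the original post or ServiceNow's own code: it de-duplicates Qualys WAS findings into one definition row per QID plus one item row per finding, then builds (without sending) Import Set API requests. The instance URL, staging table names, `u_*` column names and the sample findings are assumptions constructed for illustration; transform maps on the instance would map the staging rows onto the two target tables.

```python
"""Added example: shape Qualys WAS findings for ServiceNow import sets."""
import json
from urllib.parse import urlsplit
from urllib.request import Request

# Assumptions (not from the thread): instance URL, staging table names and
# u_* column names are hypothetical placeholders for a custom integration.
INSTANCE = "https://example.service-now.com"
DEF_TABLE = "u_qualys_was_definition"   # feeds Third Party Vulnerabilities
ITEM_TABLE = "u_qualys_was_finding"     # feeds Vulnerable Items

# Constructed sample findings, not real scan output.
SAMPLE_FINDINGS = [
    {"id": 101, "qid": 150001, "name": "Reflected Cross-Site Scripting",
     "severity": 5, "url": "https://shop.example.com/search?q=1"},
    {"id": 102, "qid": 150001, "name": "Reflected Cross-Site Scripting",
     "severity": 5, "url": "https://portal.example.com/login"},
    {"id": 103, "qid": 150022, "name": "Verbose Error Message",
     "severity": 2, "url": "https://shop.example.com/cart"},
]


def build_rows(findings):
    """Return (definitions, items): one definition per QID, one item per finding."""
    definitions, items = {}, []
    for f in findings:
        vuln_id = f"QID-{f['qid']}"
        definitions.setdefault(vuln_id, {
            "u_vuln_id": vuln_id, "u_name": f["name"],
            "u_severity": str(f["severity"]), "u_source": "Qualys WAS"})
        items.append({
            "u_finding_id": str(f["id"]), "u_vuln_id": vuln_id,
            "u_hostname": urlsplit(f["url"]).hostname, "u_url": f["url"]})
    return list(definitions.values()), items


def import_request(table, row, token):
    """Build (do not send) a POST to the Import Set API for one staging row."""
    return Request(
        f"{INSTANCE}/api/now/import/{table}", data=json.dumps(row).encode(),
        method="POST",
        headers={"Content-Type": "application/json", "Accept": "application/json",
                 "Authorization": f"Bearer {token}"})  # OAuth token assumed


if __name__ == "__main__":
    defs, items = build_rows(SAMPLE_FINDINGS)
    # Definitions go first so each item can resolve its vulnerability reference.
    for table, rows in ((DEF_TABLE, defs), (ITEM_TABLE, items)):
        for row in rows:
            req = import_request(table, row, token="PLACEHOLDER")
            print(req.get_method(), req.full_url, req.data.decode())
```

The integration account used for the token needs write access only to the two staging tables, which keeps the scanner feed from touching the target tables directly.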


4 REPLIES 4

Hello Alex,

Thanks very much for the insights and direction. It is greatly appreciated. Our engineering team made terrific progress this past weekend thanks to your guidance.

Best regards,
Steve

Alex, also working to have Qualys Policy and Compliance data brought into the VR application. If you could please add another vote for this enhancement, that would be appreciated.

Interested in if there is any advancement, as we will be looking to build this REST API call in the coming months.  Thanks!

Alex Cox
ServiceNow Employee

Hello devsite,

There is now support for Qualys Policy & Compliance data, using the Configuration Compliance application. This works very similarly to VR, but the data model is quite different!

Here is a link to the docs landing page for that application:

https://docs.servicenow.com/bundle/orlando-security-management/page/product/vulnerability-config-com...