Skip to main content
Skip table of contents

Qualys Cloud Platform

Qualys Cloud Platform monitors customers' global security and compliance posture using sensors. This connects to the Qualys Cloud Platform service (including Qualys Scan and Qualys Host) to import information about devices and vulnerabilities.

For information about Qualys and Lucidum, see https://lucidum.io/qualys/.

Creating an API Key for Qualys

Before configuring the Qualys connector in Lucidum, you must first create a user with API access. Lucidum will use this user account to access Qualys.

The value supplied in User Name must be associated with one of the following user roles and with the following permissions:

  1. Manager role with full scope.

  2. Reader role with full scope.

  3. Non-manager role with the following permissions:

    • Access Permission "API Access".

    • Asset Management Permission "Read Asset".

    • Requested asset in their scope.

It is recommended to provide user permissions and access to all objects in the subscription.
From Qualys Administration utility, go to Users > User Management. Click the user account and select Actions > Edit. Then go to Roles and Scopes and select the Allow user full permissions and scope checkbox.

To enable user access to the API:

  1. From Qualys Administration utility, click the user button next to the Logout -> User Profile.

  2. The Edit User screen opens. Click User Role -> select the API checkbox to enable API Access.

  3. Save changes.

Configuring the Connector for Qualys

To configure Lucidum to ingest data from Qualys:

  1. Log in to Lucidum.

  2. In the left pane, click Connector.

  3. In the Connector page, click Add Connector.

  4. Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.

  5. In the Settings page, enter the following:

    •  Host (required) - The hostname of the Qualys API. Note that Qualys Scan/Host and Qualys Global IT may have different hostnames in different regions (for complete Qualys API URLs, refer to https://www.qualys.com/platform-identification/ ). For example,

    • User Name (required) -  The credentials for a user account that has the Required Permissions to fetch assets.

    • Password (required) -  The credentials for a user account that has the Required Permissions to fetch assets.

    • API Version (optional) - Qualys API version. Default Qualys Scan/Host API version is “2.0”, and default Qualys IT API version is “v1”.

    • Verify SSL. For future use.

  6. To test the configuration, click Test.

    • If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.

    • If the connector is not configured correctly, Lucidum displays an error message.

Supported Actions

  • Launch scan on IP address

  • Launch scan on FQDN

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close