Skip navigation
6708 Views 7 Replies Latest reply: Sep 30, 2011 9:40 AM by Robert Dell'Immagine RSS
David Moule Level 1 19 posts since
Nov 15, 2010
Currently Being Moderated

Aug 5, 2011 12:10 AM

Qualysguard & Modulo

Is there anybody out there who has integrated Qualysguard with the Modulo IT GRC system?

We will be running a Proof of Concept of this in September and I'm trying to get a heads-up on any potential issues and requirements.

We are also gin to be using the SaaS model and would welcome any views or experiences on this.

 

From a Qualys VM perspective we are looking at using Modulo to improve issue ticketing and tracking and also provide enhanced risk management based reporting (however this is only one element of broader Information Security management initiative).

 

If you'd be willing to share please would you PM me and I will arrange  a telecon.

 

Many thanks.

  • Jason Creech Level 3 124 posts since
    May 28, 2010
    Currently Being Moderated
    Aug 15, 2011 10:33 AM (in response to David Moule)
    Qualysguard & Modulo

    Hi David,

     

    I happened across your post and forwarded the request to Qualys product management.  There was a recent upgrade to Modulo that strengthened the integration.   PM can comment more on the details and perhaps direct you to more definitive content on the VM integration.

     

     

    Thank you,

     

    Jason Creech

    Director, Policy Compliance

    Qualys

  • malderman Level 3 146 posts since
    Jul 23, 2010
    Currently Being Moderated
    Aug 15, 2011 10:54 AM (in response to David Moule)
    Re: Qualysguard & Modulo

    David,

     

    Unfortunately, we cannot provide any customer contacts through the Community, but we did want to provide some updates on our integration with Modulo.  Modulo 7.3 is planning to improve three main integration tasks for VM:


     

    • Import assets from QualysGuard
      • Ability to run multiple imports and associate assets to variousassets within Modulo.
      • Assets with vulnerabilities will have vulnerability tab withvulnerabilities listed.
    • Import Vulnerabilities forRisk Analysis, Evaluation, and Treatment
      • In a Risk Project, ability to import vulnerabilities foranalysis, evaluation, and treatment.
      • Import allows custom risk score that correlates with PSR score within Modulo.
    • Integration with Remediation and Workflow
      • Synchronize remediation from QualysGuard VM with status fortracking.
      • If vulnerabilitieswith remediations are included in a Risk Project, then Treatment status isalready imported from Workflow.

     

    A high-level diagram of these integration tasks is provided below as a reference:

     

    Integration workflow.png

    One of the interesting improvements is the ability to correlate the risk score with the PSR score in Modulo.  The mathematical expression used to calculate the risk score for vulnerabilities can be customized with the following variables in Modulo:

     

    Variables.png

     

    Finally, when you send these vulnerabilities to Workflow Module. The Synchronize Qualys Scanner Remediation task creates a routine for updating or closing events in the Workflow module created to treat vulnerabilities.  These events are closed if the corresponding ticket for the vulnerability in Qualys is resolved. In the case of consolidated events for treating multiple vulnerabilities, the progress of the event is updated to indicate that a certain vulnerability was shown to be resolved.

     

    Hopefully this provides a better overview of the integration between Modulo and QualysGuard VM.


      • malderman Level 3 146 posts since
        Jul 23, 2010
        Currently Being Moderated
        Aug 16, 2011 3:52 PM (in response to David Moule)
        Re: Qualysguard & Modulo

        David,

         

        Access to the API is available in your subscription.  Each user account has the option to access the GUI and/or API.

         

        You can determine which account within QualysGuard can be used for the integration.  You can create a custom account or use an existing account.  At a minimum, the user will require read access to the assets, scan results, and tickets within QualysGuard.

         

        Unfortunately, I do not have all the technical details of the Modulo 7.3 integration, but I cannot think of any additional requirements in QualysGuard.

  • Robert Dell'Immagine Level 4 254 posts since
    Apr 26, 2010
    Currently Being Moderated
    Sep 30, 2011 9:40 AM (in response to David Moule)
    Re: Qualysguard & Modulo

    In case you didn't see this, here are the details of the Qualys Modulo integration.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 6 points