Log in to create and rate content, and to follow, bookmark, and share content with other members. Not a member? Join Now!

AnsweredAssumed Answered

Qualysguard & Modulo

Question asked by David Moule on Aug 5, 2011
Latest reply on Sep 30, 2011 by Robert Dell'Immagine

Like • Show 0 Likes0
Comment • 7

Is there anybody out there who has integrated Qualysguard with the Modulo IT GRC system?

We will be running a Proof of Concept of this in September and I'm trying to get a heads-up on any potential issues and requirements.

We are also gin to be using the SaaS model and would welcome any views or experiences on this.

From a Qualys VM perspective we are looking at using Modulo to improve issue ticketing and tracking and also provide enhanced risk management based reporting (however this is only one element of broader Information Security management initiative).

If you'd be willing to share please would you PM me and I will arrange a telecon.

Many thanks.

No one else has this question

Outcomes

7 Replies

Jason Creech Aug 15, 2011 10:33 AM
Mark Correct
Correct Answer
Hi David,

I happened across your post and forwarded the request to Qualys product management. There was a recent upgrade to Modulo that strengthened the integration. PM can comment more on the details and perhaps direct you to more definitive content on the VM integration.

Thank you,

Jason Creech
Director, Policy Compliance
Qualys
Like • Show 0 Likes0
Actions
- David Moule @ Jason Creech on Aug 16, 2011 12:03 AM
  Mark Correct
  Correct Answer
  Jason, thanks for getting back to me.
  I have now recieved an email from Matthew Alderman which gives me more
  food for thought.
  
  Regards / Le meas
  
  David Moule
  Manager
  Information Security Assurance
  AIB Bankcentre L1, Dublin 4, Ireland
  tel: +353 (0) 1 6413881
  fax: +353 (0) 1 6089844
  mob: +353 (0) 866029464
  email: david.moule@aib.ie
  
  This document is strictly confidential and is intended for use by the addressee unless otherwise indicated. Allied Irish Banks,
  AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Central Bank of Ireland. Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173.
  ~~~~~~_{Please consider the environment before printing this Email}~~~~~~~
  This email has been scanned by an external Email Security System.
  Like • Show 0 Likes0
  Actions
malderman Aug 15, 2011 10:54 AM
Mark Correct
Correct Answer
David,

Unfortunately, we cannot provide any customer contacts through the Community, but we did want to provide some updates on our integration with Modulo. Modulo 7.3 is planning to improve three main integration tasks for VM:
- Import assets from QualysGuard
  Ability to run multiple imports and associate assets to variousassets within Modulo.
  Assets with vulnerabilities will have vulnerability tab withvulnerabilities listed.
- Import Vulnerabilities forRisk Analysis, Evaluation, and Treatment
  In a Risk Project, ability to import vulnerabilities foranalysis, evaluation, and treatment.
  Import allows custom risk score that correlates with PSR score within Modulo.
- Integration with Remediation and Workflow
  Synchronize remediation from QualysGuard VM with status fortracking.
  If vulnerabilitieswith remediations are included in a Risk Project, then Treatment status isalready imported from Workflow.
A high-level diagram of these integration tasks is provided below as a reference:

One of the interesting improvements is the ability to correlate the risk score with the PSR score in Modulo. The mathematical expression used to calculate the risk score for vulnerabilities can be customized with the following variables in Modulo:

Finally, when you send these vulnerabilities to Workflow Module. The Synchronize Qualys Scanner Remediation task creates a routine for updating or closing events in the Workflow module created to treat vulnerabilities. These events are closed if the corresponding ticket for the vulnerability in Qualys is resolved. In the case of consolidated events for treating multiple vulnerabilities, the progress of the event is updated to indicate that a certain vulnerability was shown to be resolved.

Hopefully this provides a better overview of the integration between Modulo and QualysGuard VM.
Like • Show 0 Likes0
Actions
- David Moule @ null on Aug 16, 2011 1:42 AM
  Mark Correct
  Correct Answer
  Matthew, thanks for your email, much appreciated.
  
  We are working with Carlos Krause at Modulo. Perhaps you know him.
  
  Can I ask a few clarifying questions?
  
  In the diagram there is a reference to the Qualysguard API Server. As far
  as I understand (and bear in mid I'm not the technical person) we do not
  use the API. We just run plain old simple reports out of the box. Is the
  API server something that we have to "turn on" or enable within our
  subscription or is it already there for use. If we do have to enable it,
  will affect our existing reports or operations for the period of the POC?
  
  I presume that Modulo require an account within our subscription to access
  our Qualys data. Would this be a normal user account or is there
  something specific we have to mention when applying for it?
  
  Is there anything in particular that you can think of, that we have to
  start preparing on the Qualysguard side to contribute to the success of
  our POC
  
  The reason I ask these is because our POC will start around the 19th of
  September and I guess i need to start getting all my Qualysguard ducks in
  row now!
  
  Thanks in anticipation.
  
  Regards / Le meas
  
  David Moule
  Manager
  Information Security Assurance
  AIB Bankcentre L1, Dublin 4, Ireland
  tel: +353 (0) 1 6413881
  fax: +353 (0) 1 6089844
  mob: +353 (0) 866029464
  email: david.moule@aib.ie
  
  This document is strictly confidential and is intended for use by the addressee unless otherwise indicated. Allied Irish Banks,
  AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Central Bank of Ireland. Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173.
  ~~~~~~_{Please consider the environment before printing this Email}~~~~~~~
  This email has been scanned by an external Email Security System.
  Like • Show 0 Likes0
  Actions
  - malderman @ David Moule on Aug 16, 2011 3:52 PM
    Mark Correct
    Correct Answer
    David,
    
    Access to the API is available in your subscription. Each user account has the option to access the GUI and/or API.
    
    You can determine which account within QualysGuard can be used for the integration. You can create a custom account or use an existing account. At a minimum, the user will require read access to the assets, scan results, and tickets within QualysGuard.
    
    Unfortunately, I do not have all the technical details of the Modulo 7.3 integration, but I cannot think of any additional requirements in QualysGuard.
    Like • Show 0 Likes0
    Actions
    - David Moule @ null on Aug 19, 2011 12:13 AM
      Mark Correct
      Correct Answer
      Matthew, thanks for the update.
      I'll progress getting the account set up accordingly.
      
      Regards / Le meas
      
      David Moule
      Manager
      Information Security Assurance
      AIB Bankcentre L1, Dublin 4, Ireland
      tel: +353 (0) 1 6413881
      fax: +353 (0) 1 6089844
      mob: +353 (0) 866029464
      email: david.moule@aib.ie
      
      This document is strictly confidential and is intended for use by the addressee unless otherwise indicated. Allied Irish Banks,
      AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Central Bank of Ireland. Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173.
      ~~~~~~_{Please consider the environment before printing this Email}~~~~~~~
      This email has been scanned by an external Email Security System.
      Like • Show 0 Likes0
      Actions
Robert Dell'Immagine Sep 30, 2011 9:40 AM
Mark Correct
Correct Answer
In case you didn't see this, here are the details of the Qualys Modulo integration.
Like • Show 0 Likes0
Actions

Qualysguard & Modulo

Outcomes

Related Content

Recommended Content