7 Replies. Latest reply: Sep 30, 2011 9:40 AM by Robert Dell'Immagine

Qualysguard & Modulo

David Moule

Is there anybody out there who has integrated Qualysguard with the Modulo IT GRC system?

We will be running a Proof of Concept of this in September and I'm trying to get a heads-up on any potential issues and requirements.

We are also going to be using the SaaS model and would welcome any views or experiences on this.

 

From a Qualys VM perspective we are looking at using Modulo to improve issue ticketing and tracking and also provide enhanced risk management based reporting (however this is only one element of a broader Information Security management initiative).

 

If you'd be willing to share, please would you PM me and I will arrange a telecon.

 

Many thanks.

  • Qualysguard & Modulo
    Jason Creech

    Hi David,

     

    I happened across your post and forwarded the request to Qualys product management.  There was a recent upgrade to Modulo that strengthened the integration.   PM can comment more on the details and perhaps direct you to more definitive content on the VM integration.

     

     

    Thank you,

     

    Jason Creech

    Director, Policy Compliance

    Qualys

    • Re: Qualysguard & Modulo
      David Moule

      Jason, thanks for getting back to me.

      I have now received an email from Matthew Alderman which gives me more food for thought.

       

       

      Regards / Le meas

       

      David Moule

      Manager

      Information  Security Assurance

      AIB Bankcentre L1,  Dublin 4, Ireland

      tel:  +353 (0) 1 6413881

      fax: +353 (0) 1 6089844

      mob: +353 (0) 866029464

      email: david.moule@aib.ie

       

      This document is strictly confidential and is intended for use by the addressee unless otherwise indicated. Allied Irish Banks,

      AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Central Bank of Ireland.  Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173.

      ~~~~~~Please consider the environment before printing this Email~~~~~~~

      This email has been scanned by an external Email Security System.

  • Re: Qualysguard & Modulo
    malderman

    David,

     

    Unfortunately, we cannot provide any customer contacts through the Community, but we did want to provide some updates on our integration with Modulo.  Modulo 7.3 is planning to improve three main integration tasks for VM:


     

    • Import assets from QualysGuard
      • Ability to run multiple imports and associate assets to various assets within Modulo.
      • Assets with vulnerabilities will have vulnerability tab with vulnerabilities listed.
    • Import Vulnerabilities for Risk Analysis, Evaluation, and Treatment
      • In a Risk Project, ability to import vulnerabilities for analysis, evaluation, and treatment.
      • Import allows custom risk score that correlates with PSR score within Modulo.
    • Integration with Remediation and Workflow
      • Synchronize remediation from QualysGuard VM with status for tracking.
      • If vulnerabilities with remediations are included in a Risk Project, then Treatment status is already imported from Workflow.

     

    A high-level diagram of these integration tasks is provided below as a reference:

     

    Integration workflow.png

    One of the interesting improvements is the ability to correlate the risk score with the PSR score in Modulo.  The mathematical expression used to calculate the risk score for vulnerabilities can be customized with the following variables in Modulo:

     

    Variables.png

     

    Finally, when you send these vulnerabilities to the Workflow Module, the Synchronize Qualys Scanner Remediation task creates a routine for updating or closing events in the Workflow module created to treat vulnerabilities.  These events are closed if the corresponding ticket for the vulnerability in Qualys is resolved. In the case of consolidated events for treating multiple vulnerabilities, the progress of the event is updated to indicate that a certain vulnerability was shown to be resolved.

     

    Hopefully this provides a better overview of the integration between Modulo and QualysGuard VM.
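
The synchronization rule described in the reply above, sketched as an added example (not code from Qualys, Modulo or the poster). The ticket and event ids, the state names, the progress fraction, and closing a consolidated event once every linked ticket is resolved are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: ticket states keyed by ticket id, as they might
# appear in an export from the scanner. Ids and state names are assumptions.
QUALYS_TICKETS = {"T-101": "RESOLVED", "T-102": "OPEN", "T-103": "RESOLVED"}

@dataclass
class WorkflowEvent:
    event_id: str
    ticket_ids: list       # one id = single event, several = consolidated
    status: str = "OPEN"
    progress: float = 0.0  # fraction of linked tickets shown resolved

def sync_remediation(events, tickets):
    """Update or close events from scanner ticket states; return changed ids."""
    changed = []
    for ev in events:
        if ev.status == "CLOSED" or not ev.ticket_ids:
            continue  # nothing to reconcile
        # A ticket missing from the export counts as unresolved, so a
        # partial export can never close an event by omission.
        resolved = sum(1 for t in ev.ticket_ids if tickets.get(t) == "RESOLVED")
        progress = resolved / len(ev.ticket_ids)
        status = "CLOSED" if resolved == len(ev.ticket_ids) else "OPEN"
        if (status, progress) != (ev.status, ev.progress):
            ev.status, ev.progress = status, progress
            changed.append(ev.event_id)
    return changed

def demo():
    events = [
        WorkflowEvent("EV-1", ["T-101"]),           # single event, resolved
        WorkflowEvent("EV-2", ["T-102", "T-103"]),  # consolidated, half done
        WorkflowEvent("EV-3", ["T-999"]),           # ticket not in the export
    ]
    changed = sync_remediation(events, QUALYS_TICKETS)
    return changed, [(e.event_id, e.status, e.progress) for e in events]

if __name__ == "__main__":
    print(demo())
```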


    • Re: Qualysguard & Modulo
      David Moule

      Matthew, thanks for your email, much appreciated.

       

      We are working with Carlos Krause at Modulo. Perhaps you know him.

       

       

      Can I ask a few clarifying questions?

       

       

      In the diagram there is a reference to the Qualysguard API Server. As far as I understand (and bear in mind I'm not the technical person) we do not use the API. We just run plain old simple reports out of the box. Is the API server something that we have to "turn on" or enable within our subscription or is it already there for use. If we do have to enable it, will it affect our existing reports or operations for the period of the POC?

       

      I presume that Modulo require an account within our subscription to access our Qualys data. Would this be a normal user account or is there something specific we have to mention when applying for it?

       

       

      Is there anything in particular that you can think of, that we have to start preparing on the Qualysguard side to contribute to the success of our POC?

       

       

       

      The reason I ask these is because our POC will start around the 19th of September and I guess I need to start getting all my Qualysguard ducks in a row now!

       

      Thanks in anticipation.

       

      Regards / Le meas

       

      David Moule


      • Re: Qualysguard & Modulo
        malderman

        David,

         

        Access to the API is available in your subscription.  Each user account has the option to access the GUI and/or API.

         

        You can determine which account within QualysGuard can be used for the integration.  You can create a custom account or use an existing account.  At a minimum, the user will require read access to the assets, scan results, and tickets within QualysGuard.

         

        Unfortunately, I do not have all the technical details of the Modulo 7.3 integration, but I cannot think of any additional requirements in QualysGuard.

        • Re: Qualysguard & Modulo
          David Moule

          Matthew, thanks for the update.

          I'll progress getting the account set up accordingly.

           

          Regards / Le meas

           

          David Moule


  • Re: Qualysguard & Modulo
    Robert Dell'Immagine

    In case you didn't see this, here are the details of the Qualys Modulo integration.