7 Replies Latest reply on Sep 30, 2011 9:40 AM by Robert Dell'Immagine

    Qualysguard & Modulo

    David Moule Level 1

      Is there anybody out there who has integrated Qualysguard with the Modulo IT GRC system?

      We will be running a Proof of Concept of this in September and I'm trying to get a heads-up on any potential issues and requirements.

      We are also going to be using the SaaS model and would welcome any views or experiences on this.

       

      From a Qualys VM perspective we are looking at using Modulo to improve issue ticketing and tracking and also provide enhanced risk management based reporting (however this is only one element of broader Information Security management initiative).

       

      If you'd be willing to share please would you PM me and I will arrange  a telecon.

       

      Many thanks.

        • Qualysguard & Modulo
          Jason Creech Level 3

          Hi David,

           

          I happened across your post and forwarded the request to Qualys product management.  There was a recent upgrade to Modulo that strengthened the integration.   PM can comment more on the details and perhaps direct you to more definitive content on the VM integration.

           

           

          Thank you,

           

          Jason Creech

          Director, Policy Compliance

          Qualys

            • Re: Qualysguard & Modulo
              David Moule Level 1

              Jason, thanks for getting back to me.

              I have now received an email from Matthew Alderman which gives me more food for thought.

               

               

              Regards / Le meas

               

              David Moule

              Manager

              Information  Security Assurance

              AIB Bankcentre L1,  Dublin 4, Ireland

              tel:  +353 (0) 1 6413881

              fax: +353 (0) 1 6089844

              mob: +353 (0) 866029464

              email: david.moule@aib.ie

               

              This document is strictly confidential and is intended for use by the addressee unless otherwise indicated. Allied Irish Banks,

              AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Central Bank of Ireland.  Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173.

              ~~~~~~Please consider the environment before printing this Email~~~~~~~

              This email has been scanned by an external Email Security System.

            • Re: Qualysguard & Modulo
              malderman Level 3

              David,

               

              Unfortunately, we cannot provide any customer contacts through the Community, but we did want to provide some updates on our integration with Modulo.  Modulo 7.3 is planning to improve three main integration tasks for VM:


               

              • Import assets from QualysGuard
                • Ability to run multiple imports and associate assets to various assets within Modulo.
                • Assets with vulnerabilities will have a vulnerability tab with vulnerabilities listed.
              • Import Vulnerabilities for Risk Analysis, Evaluation, and Treatment
                • In a Risk Project, ability to import vulnerabilities for analysis, evaluation, and treatment.
                • Import allows custom risk score that correlates with PSR score within Modulo.
              • Integration with Remediation and Workflow
                • Synchronize remediation from QualysGuard VM with status for tracking.
                • If vulnerabilities with remediations are included in a Risk Project, then Treatment status is already imported from Workflow.

               

              A high-level diagram of these integration tasks is provided below as a reference:

               

              Integration workflow.png

              One of the interesting improvements is the ability to correlate the risk score with the PSR score in Modulo.  The mathematical expression used to calculate the risk score for vulnerabilities can be customized with the following variables in Modulo:

               

              Variables.png

               

              Finally, when you send these vulnerabilities to the Workflow Module, the Synchronize Qualys Scanner Remediation task creates a routine for updating or closing events in the Workflow module created to treat vulnerabilities.  These events are closed if the corresponding ticket for the vulnerability in Qualys is resolved. In the case of consolidated events for treating multiple vulnerabilities, the progress of the event is updated to indicate that a certain vulnerability was shown to be resolved.

               

              Hopefully this provides a better overview of the integration between Modulo and QualysGuard VM.
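The synchronization behaviour described in the reply above, sketched as an added example; it is not Modulo's or Qualys's code. The event and ticket structures, field names and state strings are assumptions made for illustration.

```python
from dataclasses import dataclass, field

RESOLVED = "RESOLVED"  # assumed state string for a fixed scanner ticket


@dataclass
class WorkflowEvent:  # hypothetical stand-in for a Workflow module event
    event_id: str
    ticket_ids: list  # one ticket, or several for a consolidated event
    status: str = "OPEN"
    progress: float = 0.0  # fraction of linked tickets resolved
    notes: list = field(default_factory=list)


def synchronize(events, ticket_states):
    """Close or update events from a {ticket_id: state} snapshot.

    A ticket absent from the snapshot counts as unresolved, so a partial
    or failed import can never close an event by accident.
    """
    changed = []
    for ev in events:
        if ev.status == "CLOSED" or not ev.ticket_ids:
            continue
        resolved = [t for t in ev.ticket_ids if ticket_states.get(t) == RESOLVED]
        progress = len(resolved) / len(ev.ticket_ids)
        if progress == ev.progress:
            continue  # nothing new since the last run
        ev.progress = progress
        if len(resolved) == len(ev.ticket_ids):
            ev.status = "CLOSED"
        else:
            ev.notes.append(f"resolved so far: {sorted(resolved)}")
        changed.append(ev.event_id)
    return changed


def demo():
    # Constructed sample data; T-202 is deliberately missing from the snapshot.
    events = [
        WorkflowEvent("EV-1", ["T-100"]),
        WorkflowEvent("EV-2", ["T-200", "T-201", "T-202"]),
        WorkflowEvent("EV-3", ["T-300"]),
    ]
    states = {"T-100": RESOLVED, "T-200": RESOLVED, "T-201": "OPEN", "T-300": "OPEN"}
    return synchronize(events, states), events, states


if __name__ == "__main__":
    changed, events, _ = demo()
    print(changed, [(e.event_id, e.status, round(e.progress, 2)) for e in events])
```

Running the routine twice on the same snapshot changes nothing the second time, which keeps a scheduled sync from spamming event histories.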


                • Re: Qualysguard & Modulo
                  David Moule Level 1

                  Matthew, thanks for your email, much appreciated.

                   

                  We are working with Carlos Krause at Modulo. Perhaps you know him.

                   

                   

                  Can I ask a few clarifying questions?

                   

                   

                  In the diagram there is a reference to the Qualysguard API Server. As far as I understand (and bear in mind I'm not the technical person) we do not use the API. We just run plain old simple reports out of the box. Is the API server something that we have to "turn on" or enable within our subscription or is it already there for use? If we do have to enable it, will it affect our existing reports or operations for the period of the POC?

                  I presume that Modulo require an account within our subscription to access our Qualys data. Would this be a normal user account or is there something specific we have to mention when applying for it?

                  Is there anything in particular that you can think of that we have to start preparing on the Qualysguard side to contribute to the success of our POC?

                  The reason I ask these is because our POC will start around the 19th of September and I guess I need to start getting all my Qualysguard ducks in a row now!

                   

                  Thanks in anticipation.

                   

                  Regards / Le meas

                   

                  David Moule


                    • Re: Qualysguard & Modulo
                      malderman Level 3

                      David,

                       

                      Access to the API is available in your subscription.  Each user account has the option to access the GUI and/or API.

                       

                      You can determine which account within QualysGuard can be used for the integration.  You can create a custom account or use an existing account.  At a minimum, the user will require read access to the assets, scan results, and tickets within QualysGuard.

                       

                      Unfortunately, I do not have all the technical details of the Modulo 7.3 integration, but I cannot think of any additional requirements in QualysGuard.

                        • Re: Qualysguard & Modulo
                          David Moule Level 1

                          Matthew, thanks for the update.

                          I'll progress getting the account set up accordingly.

                           

                          Regards / Le meas

                           

                          David Moule


                    • Re: Qualysguard & Modulo
                      Robert Dell'Immagine Level 5

                      In case you didn't see this, here are the details of the Qualys Modulo integration.