Our technical team is interested in integrating LogRhythm with Qualys VM (consultant license). Could someone explain what the requirements are and the procedure?
Thanks in advance
LogRhythm can pull data over API and consume it like all other SIEMs and GRCs do via a connector or similar. This is like a data pull when you want or on a schedule. You should work with LogRhythm to obtain the necessary documentation and the necessary connector software or middleware.
Another approach would be to use the Qualys Cloud Agent and Continuous Monitoring for real-time vuln and config data from the host. The incremental host data is beamed to our SoC and can be downloaded as correlated events by the Qualys CM API directly in CEF format, which should be easy for any SIEM to parse and also take measures for threat response.
P.S.: Please verify with your TAM if your consultant subscription comes with the Qualys API platform access license.
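The answer above mentions events delivered in CEF format. As an added example (not part of the original thread, and not Qualys or LogRhythm code), this is a minimal CEF parser a connector could use to check what arrives before it is mapped into the SIEM. The sample record, vendor name and field values are constructed for illustration and do not reflect the actual fields the Qualys CM API emits.

```python
import re

HEADER = ("version", "vendor", "product", "device_version",
          "signature_id", "name", "severity")
KEY = re.compile(r"(?:^|\s)(\w+)=")   # extension key: word chars before an unescaped '='

# Constructed sample record with a syslog prefix, an escaped '|' and an escaped '='.
SAMPLE = (r"<134>Jan  1 00:00:00 host CEF:0|ExampleVendor|ExampleScanner|1.0|100|"
          r"Open port \| new|7|src=10.0.0.5 dpt=443 "
          r"msg=TLS cert CN\=host.example expired cs1Label=ruleName cs1=Prod web servers")

def split_header(body):
    """Return the 7 header fields and the remaining extension text."""
    parts, buf, i = [], [], 0
    while i < len(body) and len(parts) < 7:
        if body[i] == "\\" and body[i + 1:i + 2] in ("|", "\\"):
            buf.append(body[i + 1])       # escaped pipe or backslash in a header field
            i += 2
            continue
        if body[i] == "|":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(body[i])
        i += 1
    return parts, body[i:]

def unescape(value):
    """Undo extension escaping: \\= and \\\\ become literals, \\n and \\r become line breaks."""
    table = {"n": "\n", "r": "\r"}
    return re.sub(r"\\(.)", lambda m: table.get(m.group(1), m.group(1)), value)

def parse_cef(line):
    start = line.find("CEF:")             # skip any syslog prefix
    if start < 0:
        raise ValueError("not a CEF record")
    parts, ext = split_header(line[start + 4:])
    if len(parts) != 7:
        raise ValueError("truncated CEF header")
    event = dict(zip(HEADER, parts))
    matches = list(KEY.finditer(ext))
    fields = {}
    for m, nxt in zip(matches, matches[1:] + [None]):
        end = nxt.start() if nxt else len(ext)   # a value runs until the next key
        fields[m.group(1)] = unescape(ext[m.end():end].strip())
    for label in [k for k in fields if k.endswith("Label")]:
        base = label[:-5]                 # cs1Label names the value carried in cs1
        if base in fields:
            fields[fields.pop(label)] = fields.pop(base)
    event["extension"] = fields
    return event
```

Rejecting records with a truncated header, rather than guessing at field boundaries, keeps malformed or injected lines from being mapped into the wrong SIEM fields.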