Does Qualys WAS provide a feature for integration with other security products, e.g. web application firewall or SIEM (security information & event management) tools or compliance-based tools ...?
Thanks & stay secure,
Qualys does integrate with Imperva and the latest release of F5. More info on F5 will be available soon - here is info on Imperva at a high level. Contact Imperva/F5 for details for loading results from WAS to create rulesets.
Thanks for your quick response. It's really helpful. Any other Qualys tool that might be using the findings from WAS? Like the Qualys PCI ...
There are several Qualys applications that make use of our WAS engine. PCI includes a limited set of WAS detections (those required by PCI) for external websites. Our VM application uses the same set of WAS detections when you choose the PCI Option Profile. Our SECURE Seal product performs unauthenticated WAS testing for external sites along with our VM, Malware and SSL assessments. So depending on your need - you can choose the product that includes the WAS scanning you require. The WAS application itself includes all options, all WAS detections, internal/external scanning, full authentication, etc. So it is the most complete WAS solution - the others are more directed for specific requirements.
When can we expect an update on F5 integration?
Do you need technical details or marketing materials? Just behind on many things so need to determine what is most needed and I'll work on that.
Technical details would be good. A basic how-to that refers to the data that is exported, the API calls used, and what F5 does with the data.
Here are the basics, if you need more let me know.
Imperva, F5, and Citrix (future) will all use the same method. They download WAS scan results in an XML file and then from their WAF product console they load the file (each platform has different options and you would have to check their documentation for how to do that). The file is processed in the WAF and rules are generated to protect the application from attacks on the vulnerabilities we detected. There is a review process so users can accept or reject rules - and I think they can modify them if needed.
Customers download the XML results from WAS v1 by running a report and choosing the XML format option. In WAS 2, they use the API call as described in Eric's post here:
So it is pretty easy on our side - all the real work is the processing (creating the rules) within the WAF products themselves.
API is no longer required - see <incorrect link removed>
Message was edited by the community administrator.
Apologies - try this