Qualys’ cloud offerings include the industry's most advanced, scalable, and extensible solution for vulnerability management.
NextGen SOAR Integration
Integrating D3 with Qualys connects vulnerability scans to your security operations command center. D3 ingests Qualys scan reports, analyzes them, and turns them into automation-powered response playbooks. The integration enables threat hunting across endpoints while standardizing and accelerating response to vulnerabilities.
Ingest and parse vulnerability scan reports in D3
Orchestrate response tasks to quickly remediate vulnerabilities
Search across past vulnerability scans for use in threat hunting
Correlate vulnerabilities with adversary techniques using the MITRE ATT&CK matrix
Key Use Case
Vulnerability Scan Response
D3’s integration with Qualys feeds vulnerability scans into automation-powered response workflows. When Qualys runs a scan across endpoints and detects a vulnerability, D3 reads and parses the scan report and generates an incident response playbook. D3 determines the endpoint on which the vulnerability was found and enriches the report with contextual information, including how the vulnerability fits into a MITRE ATT&CK kill chain. The user can notify the necessary teams from D3 or generate an IT ticket via D3 to schedule a patch or update. If the organization has existing scripts for patch management, D3 can trigger those directly.
Patch Management and Verification
As described in the previous use case, D3 can generate a ticket for the IT team to resolve a vulnerability found on endpoints via a patch or update. When the IT team closes the ticket, a notification is generated in D3. D3 then schedules a rescan of the affected endpoints via Qualys to verify that the patch has been successfully applied. D3 then ingests the rescan report so that the security analyst can confirm that the vulnerability has been remediated, and so that the entire process is documented in the SOC.