Skip to main content

Quarterback AI

Qualys VMDR

The Qualys VMDR Connector App allows security teams to integrate with the Qualys VMDR enterprise application to track assets on the network and manage hardware/software inventory and IP addresses.

Supported Actions and Example Prompts

The following table lists the supported actions and prompt examples for an action:

Action Name

Description

Prompt Example

Purge hosts

This action purges hosts in your account to remove the assessment data associated with them. For more information, see Purge hosts.

Purge the host with the ID 10.10.30.1-10.10.30.50.

Launch VM scan

This action launches a vulnerability scan in the user’s account. For more information, see Launch VM scan.

Launch a vulnerability scan with the title scan-1 on the IP address 10.10.10.10 in Qualys VMDR.

Host List Detection

This action downloads a list of hosts with the hosts' latest vulnerability data, based on the host scan data available in the user’s account. For more information, see Host List Detection.

Downloads a list of hosts detected using Qualys VMDR.

Add IP addresses

This action can be used to add IP addresses to the user's subscription. Once added, they are available for scanning and reporting. For more information, see Add IP addresses.

Add the IP address 10.10.30.1 to the user's subscriptions in Qualys VMDR.

Get a list of IP addresses

This action retrieves a list of IP addresses in the user's account. For more information, see Get a list of IP addresses.

Get a list of IP addresses from Qualys VMDR.

Launch compliance scan

This action can be used to launch a compliance scan in the user’s account. For more information, see Launch compliance scan

Launch a compliance scan with the title compliance-1 on the IP address 10.10.25.52 using Qualys VMDR.

Install and Configure the App

Install and configure the required apps to enable Quarterback AI to perform various security-related tasks and provide relevant responses. After installing an app, you must create an instance that will be used to communicate with the app endpoints. An app can have multiple instances, and you can set a default instance from the configured instance list.

Before you Start

Ensure that you have the API token to authenticate with the Qualys VMDR app.

Steps

To install and configure an app, follow these steps:

  1. Go to the application, in the left pane, select Quarterback AI.

  2. In Apps, select Qualys VMDR and click Install.

  3. After the app is installed, click Configure and enter the following details to create an instance:

    • Instance Name: Enter a name for the instance.

    • Instance Description: Enter a description for the instance.

    • Expiry: Select an expiry date for the instance.

    • Set as default instance: Select this option to set this instance as the default instance. By default, this instance will be used to perform actions from this app.

    • Base URL: Enter the Qualys VMDR base URL.

    • Username: Enter the username associated with the Qualys VMDR instance.

    • Password: Enter a password to authenticate with Qualys VMDR.

    • SSL verification: Select this option to verify SSL while making requests. It is recommended to select this option to ensure a secure connection. By default, this option is not selected.

    • Timeout: Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with Qualys VMDR. You can enter values between 15 - 120 seconds. By default, 15 seconds is set.

  4. Click Done.

The instance is created, and you can view it in Instances. To create another instance, click Add Instance.

Purge hosts

This action can be used to purge hosts in your account to remove the assessment data associated with them.

Action Input Parameters

Parameter

Description

Field Type

Required / Optional

Comments

Additional Parameters

Enter additional parameters in the form of key-value pairs to filter results.

Key Value

Optional

IP Address

Enter one or more comma-separated IP addresses or ranges to purge. Use a hyphen for ranges.

Example:

10.10.30.1-10.10.30.50

Text

Required

Add IP addresses

This action adds IP addresses to the user's subscription. Once added, they are available for scanning and reporting.

Action Input Parameters

Parameter

Description

Field Type

Required / Optional

Comments

IP Addresses

Enter IPs to be added. Multiple IPs/ranges can be added as comma-separated values. An IP range is specified with a hyphen.

For example, 10.10.30.1-10.10.30.50.

Text

Required

Additional Parameters

Enter additional parameters in the form of key-value pairs to filter results. For example, "ips": "1.1.2.3"

Key Value

Optional

Allowed keys are ips, network_id, tracking_method, compliance_enabled, certview_enabled, and limit

Enable VM

Preference to enable or disable the VM app

Integer

Optional

Allowed values:

  • 0 for false

  • 1 for true

Default value: 0

Enable PC

Preference to enable or disable the PC app

Integer

Optional

Allowed values:

  • 0 for false

  • 1 for true

Default value: 0

Launch VM scan

This action launches a vulnerability scan in the user’s account.

Action Input Parameters

Parameter

Description

Field Type

Required / Optional

Comments

Additional Parameters

Enter additional parameters in the form of key-value pairs to filter results.

Key Value

Optional

Title

Enter the title for VM Scan.

Text

Required

IP Address

Enter one or more IP addresses to launch a scan on them.

For example:

10.10.10.10

Text

Required

Option Profile ID

Enter the option profile ID for VM Scan.

Integer

Optional

You must enter either the Option Profile ID or the Option Profile Title to make the request.

Option Profile Title

Enter the option profile title for VM Scan.

Text

Optional

You must enter either the Option Profile ID or the Option Profile Title to make the request.

Get a list of IP addresses

This action retrieves a list of IP addresses in the user's account.

Action Input Parameters

Parameter

Description

Field Type

Required / Optional

Comments

Additional Parameters

Enter additional parameters in the form of key-value pairs to filter results. For example, "ips": "1.1.1.1-1.1.1.5"

Key Value

Optional

Allowed keys are IPs, network_id, tracking_method, compliance_enabled, certview_enabled, and limit.

Host List Detection

This action downloads a list of hosts with the hosts' latest vulnerability data, based on the host scan data available in the user’s account.

Action Input Parameters

Parameter

Description

Field Type

Required / Optional

Comments

Additional Parameters

Enter additional parameters in the form of key-value pairs to filter results.

Key Value

Optional

Launch compliance scan

This action launches a compliance scan in the user’s account.

Action Input Parameters

Parameter

Description

Field Type

Required / Optional

Comments

Title

Enter the title for VM Scan.

Text

Required

IP Address

Enter one or more IP addresses to launch a compliance scan on them.

Example:

10.10.25.52

Text

Required

Option Profile ID

Enter the option profile ID for VM Scan.

Integer

Optional

You must enter either the Option Profile ID or the Option Profile Title to make the request.

Option Profile Title

Enter the option profile title for VM Scan.

Text

Optional

You must enter either the Option Profile ID or the Option Profile Title to make the request.

Additional Parameters

Enter additional parameters in the form of key-value pairs to filter results.

Example:

Example: {'key1': 'value1', 'key2': 'value2'}

Key Value

Optional