Qualys Vulnerability Management Integration Setup

This guide walks you through integrating Qualys Vulnerability Management (VMDR) with RAD Security, enabling you to import vulnerability findings and correlate them with runtime security events. Qualys VMDR provides comprehensive vulnerability scanning, asset discovery, and compliance reporting for your infrastructure.

Prerequisites

Before you begin, ensure you have:
  • Admin access to Qualys Vulnerability Management
  • Manager or Unit Manager role in Qualys
  • A service email account that will remain active (not tied to an individual employee)
  • Access to RAD Security workspace with integration permissions
Service Account Best Practice: Use a service email account (e.g., security-services@company.com) rather than an individual’s email. This ensures the integration continues working even if employees leave the organization.

Step 1: Create Service User in Qualys

1. Log in to Qualys as Administrator

Log in to Qualys with an account that has either the Manager or Unit Manager role.

2. Navigate to Users Management

  1. Navigate to the Vulnerability Management product
  2. Click the USERS option from the top menu (located toward the right side)

3. Create New User

  1. In the Users interface, click New > User
  2. This will open a modal titled New User

4. Enter User Details

Under the General Information section, provide:
  • First Name (e.g., “RAD Security”)
  • Last Name (e.g., “Integration”)
  • Title (e.g., “Service Account”)
  • Phone
  • Email Address (use your service email account)
  • Address 1
  • Country

5. Configure User Role

In the User Role section:
  1. Select either Scanner or Reader role
    • Reader: Recommended for read-only vulnerability data access
    • Scanner: If you need scanning capabilities
  2. Check both the GUI and API boxes
For RAD Security integration, the Reader role with API access is typically sufficient as we only need to read vulnerability data.

6. Assign Asset Groups

Under Asset Groups on the left:
  1. Click the Add asset groups dropdown
  2. Select either:
    • All - Grant access to all assets (recommended for complete visibility)
    • Specific asset groups - Choose individual groups if you want to limit scope

7. Save and Note Username

  1. Click the Save button at the far right corner of the modal
  2. After creation, locate the new user entry in the users list
  3. Note the randomly generated username for this account - you’ll need this later

8. Log Out

Log out of your administrator account.

Save the username immediately! The randomly generated username is only displayed in the users list and will be needed for authentication.

Step 2: Complete Service Account Registration

1. Check Registration Email

The service email address will receive a registration message from Qualys containing:
  • A link to begin the user registration process
  • An OTP (One-Time Password) code
Copy the OTP code - you’ll need it on the next screen

2. Complete Registration

  1. Click the link in the email to begin registration
  2. Follow the prompts to complete the registration process
  3. Enter the OTP code when prompted
  4. You will receive a password for the account
Save this password securely! If you lose it, you’ll need to use the Forgot Password process to reset it.

3. Note Base URL

On the registration screen, you will see the base URL for UI and API access.

Common Qualys URLs by region:
  • US Platform 1: https://qualysapi.qualys.com
  • US Platform 2: https://qualysapi.qg2.apps.qualys.com
  • US Platform 3: https://qualysapi.qg3.apps.qualys.com
  • US Platform 4: https://qualysapi.qg4.apps.qualys.com
  • EU Platform 1: https://qualysapi.qualys.eu
  • EU Platform 2: https://qualysapi.qg2.apps.qualys.eu
  • India Platform 1: https://qualysapi.qg1.apps.qualys.in
  • Canada Platform 1: https://qualysapi.qg1.apps.qualys.ca
Save this URL - it will be used for the integration configuration

4. Verify Login

Using the username from Step 1 and the password from this step, log in to the Qualys Vulnerability Management UI to verify the account works correctly.

Step 3: Configure in RAD Security

Navigate to your RAD Security workspace and configure the Qualys integration with the following parameters:

Required Parameters

| Parameter | Description | Example |
|---|---|---|
| Base URL | The base URL from Step 2 | https://qualysapi.qualys.com |
| Username | The randomly generated username from Step 1 | qualys_user_123456 |
| Secret | The password from Step 2 | your-secure-password |

Make sure to use the API URL (not the UI URL). API URLs typically start with qualysapi. rather than qualysguard.
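
A pre-flight check for the Base URL value, written as an added example (not RAD Security or Qualys code): it flags the UI-versus-API host mix-up and compares the value against the region list in Step 2. The function name `check_base_url` is hypothetical, and the suggested replacement host assumes the UI and API hosts differ only in their first label.

```python
from urllib.parse import urlsplit

# API base URLs copied from the region list in Step 2 of this page.
KNOWN_API_URLS = {
    "https://qualysapi.qualys.com": "US Platform 1",
    "https://qualysapi.qg2.apps.qualys.com": "US Platform 2",
    "https://qualysapi.qg3.apps.qualys.com": "US Platform 3",
    "https://qualysapi.qg4.apps.qualys.com": "US Platform 4",
    "https://qualysapi.qualys.eu": "EU Platform 1",
    "https://qualysapi.qg2.apps.qualys.eu": "EU Platform 2",
    "https://qualysapi.qg1.apps.qualys.in": "India Platform 1",
    "https://qualysapi.qg1.apps.qualys.ca": "Canada Platform 1",
}


def check_base_url(raw):
    """Hypothetical helper: return (normalized_url, problems) for a Base URL value."""
    parts = urlsplit(raw.strip())
    host = (parts.hostname or "").lower()
    problems = []
    if parts.scheme != "https":
        problems.append("scheme must be https")
    if parts.username or parts.password:
        problems.append("do not embed credentials in the URL")
    if parts.path.strip("/") or parts.query or parts.fragment:
        problems.append("use the bare base URL, without path or query")
    if host.startswith("qualysguard."):
        # Assumption: UI and API hosts differ only in this prefix.
        api_host = "qualysapi." + host[len("qualysguard."):]
        problems.append(f"UI URL given; try https://{api_host}")
    elif not host.startswith("qualysapi."):
        problems.append("API host should start with 'qualysapi.'")
    normalized = f"https://{host}"
    if not problems and normalized not in KNOWN_API_URLS:
        problems.append("not in the listed platform URLs; confirm on the registration screen")
    return normalized, problems


if __name__ == "__main__":
    # Constructed sample inputs, not values from a real deployment.
    for value in ("https://qualysapi.qg2.apps.qualys.com/",
                  "https://qualysguard.qg3.apps.qualys.com",
                  "http://qualysapi.qualys.com/path"):
        url, problems = check_base_url(value)
        print(value, "->", KNOWN_API_URLS.get(url, "?"), problems or "OK")
```

A value outside the listed URLs is reported rather than rejected outright, since the page describes its list as common URLs and the registration screen is the authoritative source.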

Verify Integration

After completing the setup, verify your integration is working:
  1. Navigate to Data Sources > Integrations > Vulnerabilities in RAD Security
  2. Locate your Qualys integration
  3. Check that the connection status shows as Connected
  4. Verify vulnerability data is being synced
Your Qualys Vulnerability Management integration is now configured! RAD Security can now import vulnerability findings and correlate them with runtime security events.

What Data is Synced

Once configured, RAD Security will sync the following data from Qualys:
  • QID (Qualys Vulnerability ID) information
  • CVE identifiers
  • Vulnerability severity and CVSS scores
  • Affected hosts and assets
  • Detection dates and status
  • PCI compliance impact
  • Host inventory
  • Operating system details
  • Network information (IP addresses, DNS)
  • Asset tags and groups
  • Last scan dates
  • Compliance posture assessments
  • Policy compliance status
  • Control findings
  • Remediation tickets

Use Cases

Vulnerability Correlation

Correlate Qualys vulnerability scans with runtime security events to identify active exploitation attempts.

Risk Prioritization

Prioritize vulnerabilities based on runtime exposure, criticality, and exploitability.

Compliance Validation

Verify compliance remediation efforts with runtime validation and monitoring.

Asset Discovery

Maintain an up-to-date asset inventory correlated with runtime security data.

Troubleshooting

Possible causes:
  • Incorrect username or password
  • Service account not properly activated
  • Wrong API URL for your Qualys platform
Solution:
  • Verify username and password are correct
  • Ensure you completed the email registration process
  • Check you’re using the correct regional API URL
  • Try logging into Qualys UI with the same credentials to verify they work

Possible causes:
  • User role doesn’t have API access
  • Asset groups not properly assigned
  • Scanner/Reader role not selected
Solution:
  • Log in to Qualys as admin and edit the user
  • Verify both GUI and API checkboxes are checked
  • Ensure Scanner or Reader role is assigned
  • Verify asset groups are assigned (All or specific groups)

Possible causes:
  • No vulnerability scans completed yet
  • Asset groups don’t contain any scanned assets
  • Initial sync still in progress
Solution:
  • Verify vulnerability scans have been completed in Qualys
  • Check that the service account has access to the correct asset groups
  • Allow up to 15 minutes for initial data sync
  • Review integration logs in RAD Security for specific errors

Possible causes:
  • Using UI URL instead of API URL
  • Using wrong regional platform
Solution:
  • Ensure you’re using qualysapi. not qualysguard.
  • Verify you’re using the correct platform for your region
  • Check the URL shown during account registration
  • Common mistake: Using Platform 1 URL when your account is on Platform 2, 3, or 4

Possible causes:
  • Too many failed login attempts
  • Service email account was deactivated
  • User was disabled by administrator
Solution:
  • Contact your Qualys administrator to unlock the account
  • Verify the service email account is still active and receiving emails
  • Check with your IT team that the email account hasn’t been decommissioned

Security Best Practices

Use Service Accounts

Always use a service email account (not personal) to ensure continuity when employees change roles or leave.

Least Privilege Access

Use the Reader role unless Scanner capabilities are specifically needed. Only assign necessary asset groups.

Secure Credential Storage

Store credentials securely. Never commit them to version control or share via unsecured channels.

Regular Access Reviews

Periodically review service account permissions and asset group assignments in Qualys.

Password Management

Store the service account password in a secure password manager accessible to your security team.

Monitor API Usage

Regularly review API usage in Qualys to detect any anomalous activity.
