Summary - A unique use case was presented using Qualys Web Application Scanner. It is used for web app discovery and detection of vulnerabilities and misconfigurations within the organisation specific website. Over 150+ websites need to be scanned each quarter. Client had only 6 scan licenses, limiting them to scan 6 web applications to scan at a time. The process was manually to provide link, download reports, keep track in an excel file and monitor completion process.
FortiSOAR, addressed the issue by creating a custom module to import all the URLs for scan. Using schedule management, custom schedules were created to push URLs to Qualys web application scanner (WAS). FortiSOAR would check at a fixed interval to confirm completion of scan. If completed it would be download the report, delete the Url from Qualys and push a new URL. There by automating complete solution without increasing additional licenses for scan.
Process-flow
Tasks achieved
- Create custom module for Web Vulnerabilities
- Push web URL to Qualys WAS scanner (Max 6)
- Remove the URL with Finished tag from Qualys and upload limited URL as license count
- Get the update of the scan
- Execute scan on URL upload
- Mark scan complete
Prerequisite
- Install and configure Qualys connector
- Create a customer module in FortiSOAR under Vulnerability Management having following fields
- ID
- URL
- Status
- Owner
- Type
- Completion date
- Attachment
