Setting Up the Qualys Template
This section explains how to configure your Qualys report template so that data can be correctly imported into CODA Footprint.
Required Columns
Your Qualys report template should include at least the following columns.
These represent the minimum required fields for accurate data mapping in CODA Footprint, as the integration processes data from the Excel export generated by Qualys.
Asset ID, IP, DNS, Port, Protocol, First Detected, Last Detected, Vuln Status, OS, QID, Title, CVSS Base, CVSS3.1 Base, Severity, Results, Solution, Impact, Associated Tags, CVE ID, Threat, Type
Template Name
You will need the name of the report template in the next section when configuring the API integration in CODA Footprint.
Configuring Qualys Integration in CODA Footprint
After creating your Qualys template, follow these steps to connect CODA Footprint to Qualys via API and import vulnerability data.
Step 1: Access Vulnerability Import page
Go to Scan Surface → Vulnerability Import
Step 2: Create a Qualys Import instance
Select Create Qualys Import (API integration).
In the Add a new Qualys Import window, enter a Integration Name, the Username and Password of the API user , the URL of the Qualys instance, and the Report Template name, then click Save.
Step 3: Wait for Tag Import
Once the configuration is saved, CODA Footprint automatically imports the Associated Tags from your Qualys template.
Wait until this process is complete before proceeding.
The duration depends on the time required for Qualys to generate the report.
Step 4: Configure Tags, Filters, and Fetch Settings
When the Qualys instance status changes from Importing tags to Not imported yet, click the second icon on the right to open the Filters & Tags modal.
In this modal, you can configure the following options:
Severity Filter – Select which vulnerability severities (e.g., Low, Medium, High, Critical) to import.
Auto-Fetch Schedule – Set how frequently CODA Footprint should automatically fetch new Qualys data. This setting is optional and it is disabled by default.
Included Tags – Tags from Qualys that will be imported.
Devices without any of these tags in their Associated Tags field will not appear in CODA Footprint.Excluded Tags – Tags that will be ignored during import.
By default, all tags imported from Qualys are initially set as excluded.Additional Tags – Tags that will be automatically added to all imported devices.
Step 5: Fetch Data
After setting the desired tags and filters, click Fetch Data to import the vulnerability data from Qualys.
During this process, devices and vulnerabilities are imported into CODA Footprint.
Data on devices and vulnerabilities is updated in real time, while the Remediation Report, Contextual Risk Scoring Report, and Action Plan are generated after the import completes.
Comments
0 comments
Please sign in to leave a comment.