Qualys is a popular vulnerability assessment tool, used by pentesters to find and quantify devices, systems, and vulnerabilities. It also automatically checks for OWASP Top 10 and other well-defined risks, can track vulnerabilities over time, and integrates into IT ticketing systems. For this reason, it’s increasingly popular with both pentesters and with organizations looking to monitor their cybersecurity environment. 

Every pentester relies on their toolkit, ranging from scanners and probing tools like NMap and Metasploit to network monitoring and security testing like Burp Suite and Nessus. Your toolkit supports the work that you do and it’s important that every tool you use continues to support that tooling. 

That’s why Cyver Core now offers an integrated Qualys importer, meaning you can directly import Qualys exports into your Cyver Core portal. 

You can now import files directly from: 

  • Burp
  • Nessus
  • NMap
  • Qualys 

Cyver Core is also working on developing integration for NexPose and Open VAS, which will soon be available in the platform. 

Importing Findings from Qualys 

Cyver Core’s Qualys importer allows you to directly import findings exported from your Qualys tooling. 

  1. Export your findings to an XML 
  2. Click “Pentests” from the Cyver Core portal and choose the relevant pentest 
  3. Select “Import/Export” and choose “Import from File” 
  4. Click the “Qualys XML” option 
  5. Import your file 
  6. Choose settings and turn Auto-Fill for CWE/CVSS/Compliance Norms/Vulnerability Types, and Merge with Library on or off
  7. Wait for your Findings to import

Your Qualys findings will be imported to your Cyver Core portal, under the selected pentest, and using data as selected. From there, you can review those findings and choose to publish them directly to the client. 

If you’d like to know more about the Qualys importer in our pentest management portal, contact us for a demo of Cyver Core.