Example: confidence

Qualys CloudView User Guide

CloudView user Guide December 25, 2021. Copyright 2019-2021 by Qualys , Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys , Inc. All other trademarks are the property of their respective owners. Qualys , Inc. 919 E Hillsdale Blvd 4th Floor Foster City, CA 94404. 1 (650) 801 6100. Table of Contents About this Guide .. 7. About Qualys .. 7. Qualys Support .. 7. CloudView Overview .. 8. Qualys Subscription and Modules required .. 8. Concepts and Terminologies .. 9. Get Started .. 10. AWS .. 10. Steps to Create AWS Connector .. 10. Base Account .. 16. Base Account Configuration in AWS Console.

applies to EC2/VPC services and Security Group Resource Service A service is the high level grouping by functional area. Each service consists of different entities or resources. Resource A resource is an entity that you can work with. Examples include an Amazon EC2 instance, IAM User, Security Group.

Fullscreen Download

Tags:

  Amazon, Services, Guide, User, Qualys, Qualys cloudview user guide, Cloudview

Information

Domain:

Source:

Link to this page:

Please notify us if you found a problem with this document:

Other abuse

Transcription of Qualys CloudView User Guide

1 CloudView user Guide December 25, 2021. Copyright 2019-2021 by Qualys , Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys , Inc. All other trademarks are the property of their respective owners. Qualys , Inc. 919 E Hillsdale Blvd 4th Floor Foster City, CA 94404. 1 (650) 801 6100. Table of Contents About this Guide .. 7. About Qualys .. 7. Qualys Support .. 7. CloudView Overview .. 8. Qualys Subscription and Modules required .. 8. Concepts and Terminologies .. 9. Get Started .. 10. AWS .. 10. Steps to Create AWS Connector .. 10. Base Account .. 16. Base Account Configuration in AWS Console.

2 18. Permissions for Fargate Profile .. 19. Create Custom Policy .. 21. Editing AWS Connectors .. 22. AWS Resource Inventory .. 23. Microsoft Azure .. 25. Pre-requisites .. 25. Steps to Create Azure Connector .. 26. Configuration Steps on Microsoft Azure console .. 28. Editing Microsoft Azure Connectors .. 36. Azure Resource Inventory .. 36. Google Cloud Platform .. 38. Steps to Create GCP Connector .. 38. Assign Service Account to other projects .. 43. Editing GCP Connectors .. 44. GCP Resource Inventory .. 44. Enable-Disable Connectors .. 45. Disable Connector .. 45. Enable Connector .. 45. Managing Connector Access for user Permissions.

3 47. New Users: Scope and Permissions .. 48. Create user .. 48. Assign Role to Users .. 49. Manage Access for Users (Grouping Connectors) .. 50. Manage Access for Users .. 52. Defining Scope for Existing Users .. 54. Sub user (All Privileges) .. 55. Verity Confidential Sub user (Reader Privileges) .. 58. Securing Cloud 60. Unified Dashboard .. 60. Resources Details .. 60. Instance Details .. 62. Vulnerability Details for Instances .. 62. Drill down to Vulnerability Details for Instances (only for AWS) .. 65. View Security Group Information .. 66. Resources Misconfigurations .. 68. Search Using Resource Parameter Information.

4 72. Search Policy Controls .. 73. Exceptions .. 76. Create Exception .. 76. View Exceptions .. 82. Edit Exceptions? .. 82. Delete exceptions? .. 83. Exception History .. 83. Exception Status .. 83. Policies and Controls .. 85. Customize Controls .. 85. Control Criticality .. 85. System Controls .. 87. user -Defined Controls .. 87. Copy Control and Customize .. 87. Build Your Own Policy .. 89. System Defined Policy .. 89. Set Up Your Own Policy (Custom Policy) .. 89. Policy Search .. 91. Associating Controls .. 91. Reports ..92. Assessment Reports .. 92. On-Screen Reports .. 95. Mandate Based Reporting.

5 95. Policy Based Report .. 99. List of Mandates .. 102. Configure Rule-based Alerts .. 104. Create and Manage Actions .. 105. Create a new Action .. 105. Manage Actions .. 106. Create and Manage Rules .. 106. Create New Rule .. 106. Manage Rules .. 108. Manage Alerts .. 108. Sample Queries .. 108. Trigger Criteria .. 109. Alerting Permissions .. 110. Remediating Cloud Resources .. 112. Configuring Remediation .. 112. Pre-requisites .. 112. Configure Remediation for New Connectors: AWS .. 113. Enable Remediation for New Connectors .. 113. Configuration on AWS Console .. 114. Enable Remediation for Existing AWS Connectors.

6 116. Configure Remediation: Microsoft Azure .. 117. Pre-requisites .. 117. Enable Remediation for New Azure Connectors .. 117. Configuration on Microsoft Azure Console .. 118. Enabling Remediation for Existing Azure Connectors .. 119. Configure Remediation: GCP .. 119. Enable Remediation for New GCP Connectors .. 119. Configuration on GCP Console .. 120. Enabling Remediation for Existing GCP Connectors .. 122. Viewing Remediation Activity .. 123. Remediation Activity: AWS .. 123. Remediation Activity: Microsoft Azure .. 124. Remediation Activity: GCP .. 124. Remediating Cloud Resources .. 125. Remediable Evaluations.

7 125. Actions for Cloud Resources (AWS) .. 127. Stop Instance .. 127. Remove IAM Profile .. 128. Permissions Required .. 129. CloudView APIs .. 132. Accessing APIs Using Swagger .. 132. Securing Infrastructure as Code .. 134. Template Support .. 134. Pre-requisites .. 135. Scanning Template Files Using CLI .. 135. Install Qualys IaC Security CLI .. 135. List of Commands .. 136. 5. Understanding Scan Output .. 139. Scanning Template Files Using API .. 139. What's more in Automatic Connector Creation .. 140. Role-based Access Management .. 140. Download Datalist .. 143. Choosing Data Range .. 144. Saved Search.

8 144. Customize Dashboards .. 146. How to Take Action .. 146. Adding custom widgets .. 146. Refresh your view .. 148. Configure number of Resources, Controls .. 148. Appendix: List of Policies and Controls .. 149. AWS Policies .. 150. CIS amazon Web services Foundations Benchmark .. 150. AWS Best Practices Policy .. 152. AWS Lambda Best Practices Policy .. 159. AWS Database Service Best Practices Policy .. 161. Azure Policies .. 165. CIS Microsoft Azure Foundations Benchmark .. 165. Azure Best Practices Policy .. 169. Azure Function App Best Practices Policy .. 178. Azure Database Service Best Practices Policy.

9 180. GCP Policies .. 183. CIS Google Cloud Platform Foundation Benchmark .. 183. GCP Best Practices Policy .. 188. GCP Cloud Functions Best Practices Policy .. 190. GCP Kubernetes Engine Best Practices Policy .. 190. GCP Cloud SQL Best Practices Policy .. 191. About this Guide About Qualys About this Guide Welcome to Qualys CloudView ! We'll help you get acquainted with the Qualys solutions for securing your AWS, Azure, and GCP resources using the Qualys Cloud Security Platform. About Qualys Qualys , Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions.

10 The Qualys Cloud Platform and its integrated apps help businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).

Show more

Documents from same domain

Qualys API Quick Reference

Qualys API Quick Reference

www.qualys.com

Qualys API Quick Reference Guide Vulnerability Management and Policy Compliance API 8 Notes: “title” is required for a create request. “ids” is required for an update and delete request. comments={value}&

  Guide, Reference, Quick, Qualys, Qualys api quick reference, Qualys api quick reference guide

Windows Authentication - Qualys

Windows Authentication - Qualys

www.qualys.com

“qualys_scanner” user to the “Domain Admins” group. Click OK to save the change. Group Policy Settings Best practice Group Policy settings for authenticated scanning of Windows systems are described below. Please consult your network administrator before making changes to

  Network, Scanner

Scan VMware ESXi Hosts on vCenter User Guide

Scan VMware ESXi Hosts on vCenter User Guide

www.qualys.com

Scan ESXi hosts on vCenter Get Started Launch scans Now you are ready to launch a scan on your ESXi hosts through vCenter. Launch a scan like any other scan and for your target hosts choose your ESXi assets by selecting IP addresses, asset groups, asset tags. The authenticated scanning occurs for the

  Guide, User, Host, Scan, Vcenter, Esxi, Esxi hosts on vcenter user guide

Qualys Patch Management Getting Started Guide

Qualys Patch Management Getting Started Guide

www.qualys.com

Installing Cloud Agents on Assets Downloading Installer 9 As you can see, you can provision the same key for any of the other applications in your account. Downloading Installer Click Install instructions next to Windows (.exe) or Linux (.rpm).

  Instructions, Installing, Downloading

Qualys SAML and Azure Active Directory Integration

Qualys SAML and Azure Active Directory Integration

www.qualys.com

Apr 07, 2021 · Tutorial: Azure Active Directory Integration with Qualys Cloud Platform using SAML SSO In this tutorial we’ll show you how to integrate Microsoft Azure Active Directory (Azure AD) with Qualys Cloud Platform using SAML 2.0 SP-initiated SSO. Integrating Qualys Cloud Platform with Azure AD provides you with these benefits:

  Cloud, Integration

Web Application Scanning API - Qualys

Web Application Scanning API - Qualys

www.qualys.com

Nov 12, 2021 · The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security in telligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on pre mises, on endpoints and elastic clouds. For more information, please visit

  Applications, Cloud, Scanning, Web application scanning api

Unix Authentication - Qualys

Unix Authentication - Qualys

www.qualys.com

Jul 28, 2020 · Using Private Keys / Certificates For successful authentication, the user account must be add ed to all target hosts along with the public key, which will be appended to the “.ssh/authorized_keys2” file in the user’s home directory. Our service must have full access to the target hosts during scanning. It ’s possible that

  Services, Unix, Certificate, Authentication, Unix authentication

Qualys API Limits

Qualys API Limits

www.qualys.com

Example: 300 API calls were received starting April 12 at 2 PM. The first blocked API call was received on April 12 at 2:30 PM. Users could not run API calls for 30 minutes. The next time an API can be received and run is April 12 at 3 PM, assuming there is a maximum of 1 API call instance currently running at that time.

  Limits, Qualys, Qualys api limits

Qualys Gateway Service User Guide

Qualys Gateway Service User Guide

www.qualys.com

Qualys Gateway Service User Interface Module 8 Qualys Gateway Service User Interface Module Qualys Gateway Service has a user interface module on the Qualys Platform. Customers with purchased or trial accounts see the QGS module in the module picker. Use the QGS UI to create, configure, monitor, disable, and delete QGS appliances deployed

  Services, Guide, User, Getaways, Qualys, Qualys gateway service user guide

Qualys API (VM, PC) User Guide

Qualys API (VM, PC) User Guide

www.qualys.com

APIs in this user guide are supported using Qualys Cloud Platform (VM, PC). We recommend you join our Community and su bscribe to our API Notifications RSS Feeds for announcements and discussions. API Conventions Qualys User Account Authentication with valid Qualys user account credentials is required for making Qualys

  Guide, User, User guide, Qualys, Qualys api

Related documents

CIS Amazon Web Services Foundations Benchmark

CIS Amazon Web Services Foundations Benchmark

d0.awsstatic.com

CIS Amazon Web Services Foundations Benchmark v1.2.0 - 05-23-2018 ... of Amazon Web Services with an emphasis on foundational, testable, and architecture ... deploy, assess, or secure solutions in Amazon Web Services. Consensus Guidance This benchmark was created using a consensus review process comprised of subject

  Amazon, Amazon web services, Services, Foundations, Benchmark, Amazon web services foundations benchmark

CIS Amazon Web Services Foundations Benchmark

CIS Amazon Web Services Foundations Benchmark

d1.awsstatic.com

May 23, 2018 · CIS Amazon Web Services Foundations Benchmark v1.2.0 - 05-23-2018 ... of Amazon Web Services with an emphasis on foundational, testable, and architecture ... deploy, assess, or secure solutions in Amazon Web Services. Consensus Guidance This benchmark was created using a consensus review process comprised of subject

  Amazon, Amazon web services, Services, Foundations, Benchmark, Amazon web services foundations benchmark

AWS Security Hub - docs.aws.amazon.com

AWS Security Hub - docs.aws.amazon.com

docs.aws.amazon.com

Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon.

  Amazon, Security, Aws security hub

Related search queries

Amazon Web Services Foundations Benchmark, Amazon Web Services, Benchmark, AWS Security Hub, Amazon