Nucleus Security Release Spotlight: Qualys PCS
  • December 20, 2023
  • Gil Azaria
  • 0

Release Spotlight: Qualys PCS

In the culinary world, the adage “too many cooks spoil the broth” warns of the chaos and disarray that can arise from too many opinions and actions in the kitchen. However, this concept takes an intriguing twist in the realm of cybersecurity. Think of vulnerability management and policy compliance as two master chefs, each bringing their unique flavors and expertise to create a cybersecurity ‘broth’ that is robust and exquisitely balanced despite being created by multiple opinions and actions in the same cybersecurity ‘kitchen.’  

We’re proud to announce an exciting integration with Qualys Policy Compliance Scanning (Qualys PCS). This integration allows us to ingest compliance and misconfiguration findings identified by Qualys directly into Nucleus projects, alongside vulnerability data on each asset. Just as a well-seasoned broth benefits from the right balance of ingredients, a balanced blend of policy compliance and vulnerability management enhances the overall security posture of your organization, enabling you to navigate risks associated with vulnerabilities and misconfigurations.

Qualys PCS Nucleus Connector

What is Qualys Policy Compliance Scanning (Qualys PCS)?   

Qualys PCS is a comprehensive solution that streamlines the process of ensuring your IT environment complies with internal policies and external regulatory standards. It provides an in-depth assessment of where your IT assets stand regarding compliance with a wide range of global security mandates, such as PCI DSS, HIPAA, NIST, and many others. The platform automates compliance data collection across your network, eliminating manual data gathering and reducing the risk of human error. By centralizing this information, Qualys PCS offers a clear, unified view of your compliance posture, making it easier to identify and address gaps in compliance.

One of the key strengths of Qualys PCS is its robust customization capabilities, which allow for creating specific compliance checks that cater directly to the unique aspects of your organization’s IT infrastructure. These tailored solutions enable businesses to go beyond generic compliance guidelines, focusing on specific areas of concern or unique operational environments. Whether it’s adhering to industry-specific regulations, corporate policies, or unique security protocols, Qualys PCS’s customizable checks ensure that every aspect of your compliance need is covered comprehensively and accurately. This targeted approach enhances the overall compliance strategy and provides a more precise and relevant assessment of your organization’s security and compliance posture.

Why Combine Policy Compliance with Vulnerability Management?  

Combining compliance and vulnerability management data into the same tool may seem unnecessary. Different teams may own KPIs in each area, for example, and often, different teams are responsible for fixing compliance findings versus vulnerability findings. However, when you zoom out a bit, both compliance and vulnerability scanning are intended to accomplish the same thing: find risk in your organization. For teams who are interested in a comprehensive understanding of their overall risk picture, it is not only sensible but indeed necessary to bring both datasets together.  

Thanks to the flexibility of Nucleus’ data model and its powerful automation engine, we can associate compliance and vulnerability findings on the same asset in our platform. Furthermore, layering in each organization’s unique asset context makes it easy to combine all the relevant data points into a representation of organizational risk broken down by asset. With powerful user and team management capabilities and infinitely configurable asset grouping options, it’s also possible to understand risk through any relevant organizational lens. Nucleus makes it simple to prioritize the most significant impact fixes that will help reduce the overall risk of an asset or group of assets, whether based on a compliance policy, vulnerability remediation, or some combination of the two.   

Put it to use

The Qualys PCS connector is in beta release, signifying that we’re still fine-tuning its features for optimal performance. If you want to explore its capabilities within your Nucleus organization, please get in touch with support or your dedicated account representative. Once enabled for your organization, ingesting Qualys policy compliance scans is straightforward in two easy steps:  

Step 1 – Configure your Qualys Connector for PCS  

Login to your Nucleus Project. Visit the Qualys connector setup screen. Add the API Gateway URL for your Qualys instance and hit Save Connection.

Qualys Connector Setup in Nucleus
Qualys Connector Setup in Nucleus

Step 2 – Ingest a PC Policy  

Navigate to your Qualys connector in the Import via Connector page. Select Import by PC Policy. Choose your policy, then continue, and select Save & Finish. Congrats! You’ve now started ingesting your first PC policy.

Qualys Connector Import Criteria in Nucleus
Qualys Connector Import Criteria in Nucleus
PC Policy Selection in Nucleus
PC Policy Selection in Nucleus

Once you have successfully ingested your policy compliance scan into Nucleus, browse the Compliance Active Findings page to see all compliance checks that passed and all misconfigurations on assets across your organization.

Compliance Active Findings in Nucleus
Compliance Active Findings in Nucleus

Workflow Automation

Getting lots of data into a platform is great, but the more data you get, the harder it is to do anything without robust automation tooling to make use of it.  

The Qualys PCS connector intelligently ingests vast amounts of useful Qualys and cloud provider metadata on assets, which you can use in Nucleus’ powerful automation engine. Leveraging Asset Processing rules with Dynamic Fields, you can set up asset groups that will stay current as the underlying metadata changes.

Additional Metadata on Assets in Nucleus
Additional Metadata on Assets in Nucleus

For the first time in our Qualys connector, we now also ingest all of the tags an asset has as separate keys. This new capability can be powerful for customers using Qualys’s parent-child tag functionality to represent key/value pairs, such as departments, teams, and more.

Qualys Asset Tags in Nucleus
Qualys Asset Tags in Nucleus

Look Ahead

We’re excited to see how Nucleus customers use the Qualys PCS connector within our platform. Throughout the next quarter, we will closely monitor the connector for how it performs at scale and work with our customers to incorporate their feedback before transitioning it to general availability. We also have some exciting improvements to the Qualys VM connector coming soon, so stay tuned for future announcements!