Qualys has built public GitHub repositories comprising of scripts for your requirements related to automation of the common task around Cloud Security in Qualys. It contains the tools for mass/automated deployment of Cloud Agent and on-boarding of cloud connectors. Let us go through the scripts available for your use.
Qualys Cloud Agent
Use any of the following methods to automate the deployment of Cloud Agent.
|Using Ansible||This helps you to deploy Cloud Agent across your Linux instances (Virtual machines) in any cloud using Ansible.|
|Deploy Cloud Agent at launch using AWS User Data||This helps you to deploy Cloud Agent across your AWS instances using user data scripts.|
|Deploy Cloud Agent on running instances using AWS Systems manager (SSM)||This helps you to deploy Cloud Agent across your already running instances using AWS System Manager .|
|Deploy Cloud Agent at launch using CloudWatch, Lambda & SSM||This helps you to deploy Cloud Agent in any new instances being launched in your environment. It utilizes AWS CloudWatch, Lambda & SSM for Bootstrapping of the cloud agent.|
|Deploy Cloud Agent on AWS Elastic Beanstalk||This helps you to deploy Cloud Agent across your Elastic Beanstalk instances for continuous vulnerability assessment. It utilizes config file under folder.|
|Using Powershell Runbook in Azure||This helps you to deploy Cloud Agent across your virtual machines. It utilizes Azure Automation account and Powershell workbook.|
Qualys Scanner Appliance
|AWS Scanner||This helps you to create virtual scanners in your AWS account using a CloudFormation Template.|
Use any of the following methods to automate the deployment of Cloud Connectors.
|Create EC2 connector in AssetView using CloudFormation Template||This helps you to create cross-account trust role and assign Security Audit Policy to it in your AWS environment, and create a corresponding AssetView connector using a CloudFormation Template.|
|Create Bulk EC2 Connectors in AssetView using Python Script||This helps you to do a CSV import of AWS accounts to create AssetView connectors corresponding to the accounts.|
|Create AWS Connector in CloudView using CloudFormation Template||This helps you to create a cross-account trust role and assign Security Audit Policy to it in your AWS environment, and create a corresponding connector using a CloudFormation Template.|
|Create Bulk AWS Connectors in CloudView using Python Scripts||This helps you to do a CSV import of AWS accounts to create connectors corresponding to the accounts.|
Cloud Security Assessment
|Configuring Splunk to fetch Cloud Security Assessment evaluation results||This helps you to send Cloud Security Assessment evaluation results to the Splunk for data correlation.|
Assess Vulnerabilities & Mis-configurations in AWS Golden AMI Pipelines
To integrate Qualys solutions into DevSecOps for securing cloud infrastructures, you can use Golden AMI Pipeline considering the importance of assessing vulnerabilities and mis-configurations on AWS pipelines.
|This helps you to create a Golden AMI Pipeline integrated with a virtual scanner for vulnerability assessments in the image creation pipeline, before they reach production environments and throughout the instance lifecycle.|