Qualys ServiceNow Integration: Security and Infastructure Events - Evanios

Qualys ServiceNow Integration: Security and Infastructure Events


Overview

Qualys Continuous Security is a cloud based monitoring solution that scans customer networks for Network Security, Compliance and Web App Security. Evanios has created a packaged Qualys ServiceNow integration that will make it possible for you to send alerts directly to ServiceNow from Qualys.

Why use Evanios for Qualys ServiceNow Integration?

Many of our customers have leveraged Evanios Operations to integrate Qualys events into ServiceNow. Evanios Operations is an event and operations management solution that runs directly on ServiceNow. It collects events from your monitoring solutions and acts as a manager for them. With Evanios Operations you get an overall view of your IT environment where events can be de-duplicated, correlated, transformed and acted upon.

Our Event Management solution is a ServiceNow application, which is able to leverage ITSM data from other applications. The response to an event can be changed based on its definition in the CMDB or what business services it might impact. The response can be handled differently if you are in the middle of an active scheduled change. Because let’s face it: No one wants to get a wake-up call for a scheduled change.

When you put an Event Management layer between your monitoring solutions and ServiceNow’s incident application, it provides a more effective way to create meaningful incidents.

Quickly integrate Qualys to ServiceNow using Evanios Operations

With Evanios Operations (EOPS) and its pre-packaged solution for Qualys it is able to integrate with ServiceNow quickly and easily.  The package contains out of the box defined rules to help Qualys events easily map to ServiceNow fields. Since Qualys is a cloud based service (SaaS) just like ServiceNow, a query is scheduled in Evanios Operations to connect to Qualys and get all of the exceptions from a report.  Each exception is turned into an Event in Evanios Operations.  Events have all of the details from the report fields now in EOPS Event Fields.  Evanios Operations allows full manipulation of those fields with our no-coding required rules engine.  There are even rules to create ServiceNow Incidents from the Qualys events.

Leveraging other canned integrations to Evanios Operations, there are over 20, Evanios operations becomes the single-pane of glass for all of your monitoring events. Integrations for  network (NNMi, Spectrum, Solarwinds), servers (BPPM, Patrol, Nagios, SCOM), applications (AppDynamics, NetIQ, Splunk, OEM) and now security compliance – all in one console, built on the ServiceNow platform.

Here is a list of Qualys events in Evanios Operations User Interface:

Qualys ServiceNow integration

Qualys events in ServiceNow?

The out of the box rules that are packaged with the Qualys integration will map Qualys report details into a common event format. This is used by all of our integrations to present the same kind of information to Operations, regardless of the tool that created the event. The severity of the event is mapped accordingly based on the Qualys severity and all of the details are kept inside the event for deep dive analysis.

Note the separate tab of Qualys details decomposed from the Qualys report retrieved automatically from the cloud:

Qualys ServiceNow Integration 2

If you’d like to know more, request a demo of this Qualys ServiceNow Integration.