Populating the CMDB - Qualys integrations

Sarah James
Tera Contributor

‎02-21-2024 03:40 PM

Hi everyone,

 

I am looking for some advise and experience for those who have used or are exploring integrations with Qualys to populate their CMDB.  Seeking information to help us determine our best path forward for deciding between using:
- ServiceNow Service Graph connector for Qualys
- Qualys CMDB Sync Service Graph Connector

 

I am working with a customer who is at the start of their ServiceNow journey leveraging CMDB, CSDM and Discovery, and we are starting to explore how integrations (like Qualys) could help in situations for network segments with security controls where we cant get credentials. In this instance they have a lot of good data in Qualys about what is in their network. 

 

Requirement: As a CMDB admin, I need to populate the CMDB, specifically data for cis like servers where discovery doesnt have the creds, unable to use creds for particular network segments - unable to create or update some servers today due to credential limitations, so that I can automatically create and update the CMDB at this technical layer / reduce manual efforts and manual creation.

 

We started to test and leverage the one provided by Qualys but are not finding the experience as good as we were expecting. Have also reached out to ServiceNow but understand there arent any materials which 

recommend one over the other for different use cases, have any references to talk to that. 

 

Whilst we have a list of the features of both, there isnt something which would help us truly understand the benefit over the other, our current path is to poc / test and compare both. 

0 Helpfuls
  • 3,175 Views
15 REPLIES 15

Tony_Taylor
Tera Contributor

‎07-24-2024 11:10 PM

hanks Nick, I think the SG looks like the strategic approach

0 Helpfuls

Pratiksha
Mega Sage
Mega Sage

‎11-04-2024 06:04 PM

Hi @Sarah James , @NickLintgenFV , @Tony_Taylor 

 

https://docs.servicenow.com/bundle/xanadu-servicenow-platform/page/product/secops-integration-vr/qua...

 

This document talks about the setup on for SGC. However miss the permission required on Select Add Connection. What permissions you have given for this ? Do you have any documentation for same?

0 Helpfuls

David_Casper
Tera Contributor

‎02-01-2025 06:05 PM

Curious if anyone has anymore updates. We've been working on getting the Qualys CMDB Sync to work and it's been anything but user friendly. 
At times it seems to bypass data precedence rules and it's not easy to limit the data that sync over. 
More details about use cases the better! We've not tried the SGC connector yet. Would like to but there's only so much time in a day.

0 Helpfuls

Jamsheer1
Tera Guru

‎02-04-2025 04:43 AM - edited ‎02-04-2025 04:45 AM

Using Qualys CMDB Sync (Non -SG) store app for past 8+ months ,

  • experienced an unexpected class change in CI's when Qualys Cloud switched their cloud provider, even though only selective class sync was use but some of OOB transformation were active.
  • Despite having enabled only updates from Qualys, logic bypasses were detected, leading to the creation of new CIs.
  • Importantly,  non-responsive customer support the Sync issues.
0 Helpfuls

David_Casper
Tera Contributor
In response to Jamsheer1

‎02-04-2025 04:51 AM

Morning Jamsheer1. Thanks for the reply. We've noticed issues with the sync bypassing data precedence rules and even identifiers. Dupes were created. 

Due to the lack of some attributes coming from qualys we were trying to filter what was syncing over and the only way we figured to do it was through their API filter. It's helped some, but very cumbersome.

How accurate is your sync now and what classes are you pulling over?

0 Helpfuls