Hello

We are using Qualys Integration in our VR module of Servicenow. By default, the Vulnerabilities get imported into NOW via the different Qualys Integration runs and corresponding VIT records are created.  I have a custom requirement. Is there a way create vulnerability item record (VIT) based off on scan report or an api query ?

We have a list of unauthorized ports defined in Qualys UI. For some reason (which i am following with Qualys support), when a scan detects any of the unauth ports on an asset,  it just marks/flags it as a  "Information Gathered" type of vulnerability  instead of a confirmed vulnerability with a High Severity rating.  So what ends up happening is, there is no vulnerability generated in Qualys itself as its not a confirmed type.   Because no vuln is generated in Qualys, this detection does not get imported in Servicenow as well.

Is there a way that i can make one of the integration runs in Qualys module to query the API to look for whenever an "unauthorized port" is found in a scan or scan report and then create a VIT record off it ?

Thanks in advance