Installed components

Xanadu Security Management

Release

xanadu

ft:locale

en-US

ft:publication_title

Xanadu Security Management

ft:clusterId

security

bundleId

security

workflow

Technology

Components installed with the Qualys Vulnerability Integration

Release version: Xanadu

Updated September 5, 2025

5 minutes to read

The following roles, integration jobs, and tables are installed with the Qualys Vulnerability Integration.

Note:

The Application Files table lists the components that are installed with this application. For instructions on how to access this table, see Find components installed with an application.

View filtered lists for components installed with an application

Filter the Applications Files table so that only the roles, scheduled jobs, and tables that are installed with an application are displayed. The application you want to view these components for should be installed so that its files are loaded onto the instance and into the metadata table. Follow these steps to view filtered lists from the Applications Files table.

In the filter navigator, enter sys_metadata.list to navigate to the metadata table.
Select the condition builder (filter icon), and select, Application > is followed by the name of your application. For example, Application > is > Vulnerability Response.
In the condition builder, to add a second filter, select AND, then select, Class > is a and choose one of the following classes from the list: Role, Scheduled job, or Table.
Select Run.

The results for the class you selected are displayed in a filtered list.

Roles installed


Role title [name]	Description	Contains roles
sn_vul_qualys.read	Has read access to the Qualys Vulnerability Integration records.
sn_vul_qualys.user	User for Qualys Vulnerability Integration. Can read and write records	sn_vul_qualys.read
sn_vul_qualys.admin	Administrator forQualys Vulnerability Integration. For example, you can modify integration start dates and perform some advanced configuration settings.	sn_vul_qualys.user sn_vul.vulnerability_analyst
sn_vul.configure_qualys_integration	Can configure the Qualys Vulnerability Integration	sn_vul_qualys.admin

Integration jobs installed


Integration job	Description
Qualys Static Search List Integration	Synchronizes Qualys search lists for finding vulnerable entries. Retrieves only static list type records.
Qualys Comprehensive Host Detection Integration	Retrieves host and vulnerability data from Qualys and processes it in your instance. It coordinates the REST message calls to the Host Detection API. The output of this integration is vulnerable items. This integration imports all the states of the vulnerability: New,Fixed, Active, and Reopened. By default, this integration is inactive and runs weekly. Note: After this integration is activated, the daily comprehensive job imports only the New, Fixed, and Reopened states.
Qualys Host List Integration	Retrieves authenticated and unauthenticated host scan data and host tags from Qualys once a week and stores it in the Discovered Items module in your instance. Helps identify assets that haven't been scanned recently.
Qualys Host Detection Integration	Retrieves host and vulnerability data from Qualys and processes it in your instance. It coordinates the REST message calls to the Host List Detection API. The outputs of this integration are vulnerable items. Qualys host tags are imported in this integration.
Qualys Ticket Integration	Retrieves Qualys tickets and adds them to your instance. It coordinates the REST message calls to the ticket list API. There are often fewer tickets than Host Detections since Qualys settings can constrain the detections that result in a ticket.
Qualys Option Profile List Integration	Retrieves option profiles from the Qualys product. Option profiles include scan settings which are required when you initiate scans from your ServiceNow AI Platform instance.
Qualys Appliance List Integration	Retrieves scanner appliance information from Qualys.
Qualys Asset Group Integration	Retrieves asset group information from Qualys. Asset groups are used to identify which scanner appliances to use for scanning matching configuration items.
Qualys Knowledge Base (Backfill)	Retrieves Qualys knowledge base entries. Scheduled to run after the Qualys Knowledge Base Integration. Updates your instance with any QIDs that were referenced in the Qualys Knowledge Base or Qualys Host Detection integration but did not exist in the system.
Qualys Knowledge Base	Retrieves Qualys knowledge base entries. The retrieved data is based on the date the vulnerabilities were updated by Qualys and since the last time the integration ran. This data is useful for populating historical data into your instance as well as ensuring the Qualys Identifiers (QIDs) are up to date.
Qualys Dynamic Search List Integration	Synchronizes Qualys search lists for finding vulnerable entries, and retrieves dynamic list type records.
Fixing the detections for updated key for Qualys	A hashed combination of fields that provided a way to identify and tie a detection to a Qualys vulnerable item.
Qualys Update existing discovered items with network partition identifier	Updates your existing discovered items. CIs for your existing Qualys Vulnerability Integration data are created or updated to include the network partition identifier granularity.

Tables installed


Table	Description
Search List Vulnerability sn_vul_qualys_m2m_search_list_vul	Stores the mapping between the Qualys search list and a vulnerability.
Qualys Vulnerability Scanner sn_vul_qualys_scanner	Table that extends Vulnerability Scanners to store scanner information for the Qualys rescan feature.
Qualys Search Lists sn_vul_qualys_search_list	Stores search lists retrieved by the Qualys search list integration.
Qualys Appliance Import sn_vul_qualys_appliance_imp	Table extending the import set row. Field map transformation is skipped and the response attachment is processed directly with the onComplete script.
Qualys CI sn_vul_qualys_ci	Table no longer used.
Host Detection Pagination sn_vul_qualys_host_detection_pagination	Table no longer used.
Qualys Integration Run sn_vul_qualys_integration_run	Table no longer used.
Qualys Integration sn_vul_qualys_integration	Table extending the vulnerability integration and stores all the integrations that correspond to Qualys.
Qualys Static Search List Import sn_vul_qualys_static_search_list_imp	Table extending the import set row. Field maps are used to transform data to the target table, Qualys Search Lists.
Qualys Knowledge Base sn_vul_qualys_knowledge_base	Table extending the import set row. Field map transformation is skipped and the response attachment is processed directly with the onComplete script.
Qualys Ticket List sn_vul_qualys_ticket_list_imp	Table extending the import set row. Field map transformation is skipped and the response attachment is processed directly with the onComplete script.
Qualys Option Profile sn_vul_qualys_option_profile	Table storing the option profiles retrived from Qualys. This table used with the rescan.
Qualys Dynamic Search List Import sn_vul_qualys_dynamic_search_list_imp	Table extending the import set row. Field maps are used to transform data to the target table, Qualys Search Lists.
Qualys Import Set Re-Run sn_vul_qualys_import_rerun	Table no longer used.
Qualys Option Profile Import sn_vul_qualys_option_profile_import	Table extending the import set row. Field map transformation is skipped and the response attachment is processed directly with the onComplete script.