Censys’s integration with Qualys VMDR Automatically add new hosts to your Qualys VMDR environment for vulnerability scans. With this connection, you can view and add Censys-discovered unknown hosts to Qualys asset groups.
Below are sample API calls and links back to the Qualys API docs that are used in the integration. Please note that the calls differ based on Qualys User Permissions:
- If the user is a Unit Manager, the call to add IP to a subscription must include
ag_title(Asset group title) and the actions of “Add IP to subscription” and “Add IP to asset group” will happen in one request. - If the user is a Manager, the call to add IP to a subscription does not include
ag_title, and the actions of “Add IP to subscription” and “Add IP to asset group” will happen in two requests.
For all requests use header Accept: application/xml
Unit Manager:
- Add IP to subscription and asset group:
https://<USERNAME>:<PASSWORD>@qualysapi.qg2.apps.qualys.com/api/2.0/fo/asset/ip/?action=add&ag_title=CENSYS-EXTERNAL-DISCOVERED-ASSETS+%28LIVE%29&comment=Added+from+Censys+ASM&enable_vm=1&ips=1.1.1.1- Feel free to change the
ag_titleand/oripsas needed - Docs
Manager:
Add IP to subscription
https://<USERNAME>:<PASSWORD>@qualysapi.qg2.apps.qualys.com/api/2.0/fo/asset/ip/?action=add&comment=Added+from+Censys+ASM&enable_vm=1&ips=1.1.1.1- Feel free to change the
ipsas needed - Docs
Add IP to asset group:
https://<USERNAME>:<PASSWORD>@qualysapi.qg2.apps.qualys.com/api/2.0/fo/asset/group/?action=edit&id=1234567&add_ips=1.1.1.1- Feel free to change
idand/oradd_ipsas needed - This one would only be used if the user is a Manager
- Docs
- Permissions
Unit Manager/Manager
Remove IP from asset group:
https://<USERNAME>:<PASSWORD>@qualysapi.qg2.apps.qualys.com/api/2.0/fo/asset/group/?action=edit&id=1234567&remove_ips=1.1.1.1- Feel free to change
idand/orremove_ipsas needed - Docs
- Permissions
Other
Remove IP from subscription
- Censys does not remove assets from subscriptions and only removes assets from Asset Groups. We have