Qualys has announced the release of its new Web Application Scanning (WAS) App for Splunk Enterprise.
According to the company, the new app delivers information about affected web applications and prevalent vulnerabilities into the Splunk dashboard, and enables preconfigured searches and reports, for customers using both Qualys and Splunk. It also enables users to analyse consistent WAS data across application lifecycles, detect unauthorised apps and rapidly harden your web apps with Qualys Web Application Firewall (WAF).
Based on Qualys’ real-time integration with Splunk’s data analytics dashboard, the Qualys WAS App for Splunk Enterprise leverages our existing Technical Add-on (TA) for Splunk, which allows Qualys WAS data to be injected along with Qualys Vulnerability Management (VM) and KnowledgeBase data into a Splunk Indexer. We built this integration to handle data across time – the first value of Splunk – and deliver you even greater security posture awareness across Qualys VM and now also Qualys WAS. In doing so, Qualys provides you with Splunk’s great reporting capabilities, as well as advanced features unique to leveraging Qualys within Splunk.
The Qualys TA works with Splunk Enterprise by pulling data from your enterprise’s Qualys account in the cloud, then presenting that data in any of the Qualys Splunk apps. That data then can be searched using the Splunk Search app, Splunk Enterprise Security or either/both of the Qualys Apps for Splunk Enterprise. The apps provide you access to summary charts on various data points, including the prevalence of vulnerabilities, top hosts affected and remediation prioritisation. This results in new ways to visualise and report on Qualys data as well as correlate it with your enterprise’s other security data sources