AppViewX Certificate Discovery Automation from Qualys via CyberArk

With 2-second visibility across all of your IT assets, regardless of where they are located, Qualys Cloud Platform provides you with a continuous, always-on assessment of your global IT, security, and compliance posture. It’s a complete, end-to-end security system with automatic, built-in threat prioritization, patching, and other response capabilities.

CyberArk is primarily a security tool for protecting privileged accounts through password management. It safeguards privileged accounts in organizations by automatically preserving passwords. Using the CyberArk solution, you may retain and protect data by rotating the credentials of all critical accounts, allowing you to easily guard against malware and hacking threats.

Problem Statement:

The task of overseeing certificate management in Qualys, including the monitoring of essential certificate lifecycle management processes such as renewals, expirations, and revocations, can prove to be quite complex for administrators. Fortunately, this is precisely where AppViewX comes into play, offering a solution to streamline certificate lifecycles. AppViewX seamlessly acquires certificates from Qualys and takes charge of their management within the inventory. This comprehensive system efficiently handles critical tasks like expiration tracking, renewal processes, and revocation, alleviating the complexities associated with certificate management.

How can AppViewX help?

AppViewX integrates with Cyberark to obtain Qualys’ login information so that it can retrieve certificates and manage its inventory to address expiration, renewal, and revocation. It then reports back to the user with the certificate status.

1. Modules used — Visual Workflow (VW)
2. Integrations — Cyberark
3. Devices — Qualys CertView, AssetView

What goes on behind the scenes ?

1. Certificate Discovery workflow is scheduled on a weekly basis.
2. AppViewX makes an API call to CyberArk to fetch the login credentials of Qualys CertView.
3. AppViewX makes an API call to Qualys for downloading the certificates to the AppViewX inventory.
4. The certificates are imported to the new certificate group ‘Qualys scan’.
5. If the certificate is already managed in the AppViewX inventory, then the VW will only update the metadata of existing certificates based on the following cases and avoid importing the certificate itself.

a. The empty metadata in the AppViewX certificate is to be updated with the Qualys certificate metadata value.

b. The metadata in the AppViewX certificate is to be updated with the Qualys certificate metadata value.

c. The metadata in the AppViewX certificate is to remain the same in terms of Qualys certificate metadata being an empty value.

6. If the certificate is already managed in the AppViewX inventory, then it will be maintained in the same certificate group and not moved to ‘Qualys scan’.

7. In case of any error in importing the certificate, the VW will continue with the other certificates.

8. The error values are displayed in a grid.

9. VW handled the Qualys Certview v2 API to fetch bulk certificates as well.

Flow Diagram:

Outcome:

AppViewX Discovers the Certificates from Qualys via CyberArk 🙂