Qualys Vulnerability Scan Automation

Name: Qualys Vulnerability Scan Automation
Rating: 5 (5 reviews)
Author: Free N8N

Intermediate

16 nodes connected

detail.loadingPreview

Free N8N Temples

79 views

0 downloads

SecurityAPIAutomationQualysSecurity MonitoringSlackVulnerability Scanning

Automate Qualys vulnerability scans, process results, and notify via Slack.

About This Workflow

This workflow automates the process of initiating vulnerability scans using the Qualys API, monitoring their completion, and reporting the summary results to a designated Slack channel. It leverages n8n's capabilities to interact with external APIs, handle data transformations, and manage asynchronous operations. The workflow is designed to be triggered by a parent workflow initiated via a Slack shortcut, collecting input from a modal window.

Key Features:

Trigger: Launched by a parent workflow through a Slack shortcut with modal input. The Execute Workflow Trigger node is used for this, with a manual test trigger also available.
API Integration: Utilizes the Qualys API for initiating and fetching scan results.
Data Conversion: Converts XML scan results from Qualys API to JSON for easier processing within n8n.
Loop Mechanism: Implements a polling mechanism with a Wait node to continuously check the scan status until it is 'FINISHED'.
Slack Notifications: Posts initial acknowledgment, intermediate status updates, and final scan summaries with detailed results and a direct link to the Qualys report to a specified Slack channel.
Error Handling: The Check if Scan Finished node acts as a conditional gate for proceeding with result posting.
Dynamic Data: Utilizes global variables and dynamically fetched data for API calls and Slack messages.

Key Features

Automated VM Scans: Initiate vulnerability scans on virtual machines via the Qualys API.
Real-time Status Monitoring: Continuously poll Qualys for scan completion status.
XML to JSON Conversion: Seamlessly convert API responses from XML to JSON for n8n processing.
Configurable Scan Parameters: Set scan title, asset groups, and option titles through n8n variables.
Comprehensive Slack Notifications: Receive immediate confirmations, status updates, and detailed scan summaries in Slack.
Direct Report Linking: Get a direct URL to view the full report in the Qualys platform.
Clean Slack Interface: Deletes initial receipt messages and posts final reports for a streamlined experience.

How To Use

Credentials Setup: Ensure your Qualys API and Slack API credentials are correctly configured in n8n.
Global Variables: Set the platformurl in the Demo Data node (or a dedicated global variable node) to your Qualys platform URL.
Slack Channel Configuration: Update the slackChannelId in the Global Variables & Slack Channel node (or equivalent) to your desired Slack channel.
Triggering the Workflow:
- Manual Testing: Disable the Execute Workflow Trigger node and manually run the workflow. Input parameters can be adjusted in the Demo Data node.
- Automated Trigger: Enable the Execute Workflow Trigger node to have this workflow initiated by a parent workflow (e.g., from a Slack shortcut).
Scan Initiation: The workflow will first post a "request received" message to Slack.
Scan Execution: It then calls the Qualys API to launch the VM scan with the specified parameters.
Status Polling: The workflow waits for 5 minutes and then fetches the scan status. This loop continues until the scan status is 'FINISHED'.
Result Notification: Upon completion, the initial Slack message is deleted, and a detailed scan summary, including findings and a link to the full report, is posted to the configured Slack channel.

Node Explanations:

Execute Workflow Trigger (ec05f06b-e009-4f1c-97e4-223705d3be32): Starts the workflow when triggered by another n8n workflow.
Demo Data (de2c15bd-4144-4ca8-9c0d-370ecf334650): Sets initial parameters for the Qualys scan (scan title, asset groups, option title) and the Qualys platform URL.
Merge (9f6291ad-280f-4a0c-b84a-5eebfbb9172f): Merges incoming data streams.
Start VM Scan in Qualys (be5b0c9c-de92-4e34-88cb-98e88b0c19df): Makes an HTTP POST request to the Qualys API to launch a VM scan.
Convert XML to JSON (0d140ce1-89e0-4135-821f-0b32004fc6aa): Converts the XML response from the Qualys scan launch to JSON.
Save receipt message timestamp: (Implicit, likely a Set node before Confirm Waiting) This node is assumed to capture the timestamp of the "Post Receipt" message for later deletion/update.
Post Receipt (68a9eee6-05c4-4655-ab74-4a68fc68af26): Sends an initial acknowledgment message to Slack.
Confirm Waiting (43af793b-061f-4048-b110-546903b803b6): Updates the initial Slack message to inform the user that the scan has started and is being processed.
Loop Over Items (56a60798-3db1-4c69-962f-75009f894196): A placeholder node for loop logic, likely used in conjunction with the Wait node.
Wait 5 Min (5da3f500-0ccf-4eed-9d05-7709668cf2bb): Pauses the workflow for 5 minutes before checking the scan status.
Fetch Scan Results (ec737485-bf8b-4e8a-9843-2566c13106a8): Makes an HTTP GET request to the Qualys API to fetch the summary of the initiated scan.
Convert XML to JSON1 (5cf921ac-cd6b-4a27-b679-3d1ecdb3eb49): Converts the XML response of the scan results to JSON.
Check if Scan Finished (0580bb11-38c4-49a1-ab00-4cdfb49c8f9d): An IF node that checks if the scan status is 'FINISHED'.
Post Vulnerability Scan Summary to Slack (783d9bcd-faf1-4427-ab5c-de32df64f819): Sends a detailed, formatted summary of the scan results to Slack using blocks.
Delete Receipt (326bb10c-0e8e-4df7-bc67-dad015240d15): Deletes the initial acknowledgment message from Slack.
Sticky Note nodes: Provide documentation and context within the workflow.

Apps Used

API

Automation

Qualys

Security Monitoring

Slack

Vulnerability Scanning

Workflow JSON

{
  "id": "8ad183ee-3004-493b-ae7c-e05d03905c34",
  "name": "Qualys Vulnerability Scan Automation",
  "nodes": 16,
  "category": "Security",
  "status": "active",
  "version": "1.0.0"
}

Note: This is a sample preview. The full workflow JSON contains node configurations, credentials placeholders, and execution logic.

Get This Workflow

ID: 8ad183ee-3004...

About the Author

DevOps_Master_X

Infrastructure Expert

Specializing in CI/CD pipelines, Docker, and Kubernetes automations.

Statistics

Downloads0

Rating5/5

Get Custom Workflow

Need a specific automation? Our experts can build it for you.

Trusted by top companies
7+ years experience

Related Workflows

Discover more workflows you might like

Beginner

SecurityVenafiSlackTLS

Venafi TLS Protect Cloud Integration with Slack

Automate Venafi certificate requests initiated from Slack, integrating with VirusTotal for security analysis.

7 nodes

104

View Workflow

Advanced

Securityemailsecurityphishing

Email Analysis with Sublime Security

Automate email ingestion, attachment analysis via Sublime Security, and report findings to Slack.

25 nodes

271

View Workflow

Advanced

SecurityemailphishingAI

Automated Email Analysis and Jira Ticketing

Automates the analysis of incoming emails from Gmail and Outlook, classifies them for phishing risk using AI, and creates Jira tickets with relevant attachments.

28 nodes

189

View Workflow

Qualys Vulnerability Scan Automation

Intermediate

16 nodes connected

detail.loadingPreview

Free N8N Temples

79 views

0 downloads

SecurityAPIAutomationQualysSecurity MonitoringSlackVulnerability Scanning

Automate Qualys vulnerability scans, process results, and notify via Slack.

About This Workflow

Key Features:

Trigger: Launched by a parent workflow through a Slack shortcut with modal input. The Execute Workflow Trigger node is used for this, with a manual test trigger also available.
API Integration: Utilizes the Qualys API for initiating and fetching scan results.
Data Conversion: Converts XML scan results from Qualys API to JSON for easier processing within n8n.
Loop Mechanism: Implements a polling mechanism with a Wait node to continuously check the scan status until it is 'FINISHED'.
Slack Notifications: Posts initial acknowledgment, intermediate status updates, and final scan summaries with detailed results and a direct link to the Qualys report to a specified Slack channel.
Error Handling: The Check if Scan Finished node acts as a conditional gate for proceeding with result posting.
Dynamic Data: Utilizes global variables and dynamically fetched data for API calls and Slack messages.

Key Features

Automated VM Scans: Initiate vulnerability scans on virtual machines via the Qualys API.
Real-time Status Monitoring: Continuously poll Qualys for scan completion status.
XML to JSON Conversion: Seamlessly convert API responses from XML to JSON for n8n processing.
Configurable Scan Parameters: Set scan title, asset groups, and option titles through n8n variables.
Comprehensive Slack Notifications: Receive immediate confirmations, status updates, and detailed scan summaries in Slack.
Direct Report Linking: Get a direct URL to view the full report in the Qualys platform.
Clean Slack Interface: Deletes initial receipt messages and posts final reports for a streamlined experience.

How To Use

Credentials Setup: Ensure your Qualys API and Slack API credentials are correctly configured in n8n.
Global Variables: Set the platformurl in the Demo Data node (or a dedicated global variable node) to your Qualys platform URL.
Slack Channel Configuration: Update the slackChannelId in the Global Variables & Slack Channel node (or equivalent) to your desired Slack channel.
Triggering the Workflow:
- Manual Testing: Disable the Execute Workflow Trigger node and manually run the workflow. Input parameters can be adjusted in the Demo Data node.
- Automated Trigger: Enable the Execute Workflow Trigger node to have this workflow initiated by a parent workflow (e.g., from a Slack shortcut).
Scan Initiation: The workflow will first post a "request received" message to Slack.
Scan Execution: It then calls the Qualys API to launch the VM scan with the specified parameters.
Status Polling: The workflow waits for 5 minutes and then fetches the scan status. This loop continues until the scan status is 'FINISHED'.
Result Notification: Upon completion, the initial Slack message is deleted, and a detailed scan summary, including findings and a link to the full report, is posted to the configured Slack channel.

Node Explanations:

Execute Workflow Trigger (ec05f06b-e009-4f1c-97e4-223705d3be32): Starts the workflow when triggered by another n8n workflow.
Demo Data (de2c15bd-4144-4ca8-9c0d-370ecf334650): Sets initial parameters for the Qualys scan (scan title, asset groups, option title) and the Qualys platform URL.
Merge (9f6291ad-280f-4a0c-b84a-5eebfbb9172f): Merges incoming data streams.
Start VM Scan in Qualys (be5b0c9c-de92-4e34-88cb-98e88b0c19df): Makes an HTTP POST request to the Qualys API to launch a VM scan.
Convert XML to JSON (0d140ce1-89e0-4135-821f-0b32004fc6aa): Converts the XML response from the Qualys scan launch to JSON.
Save receipt message timestamp: (Implicit, likely a Set node before Confirm Waiting) This node is assumed to capture the timestamp of the "Post Receipt" message for later deletion/update.
Post Receipt (68a9eee6-05c4-4655-ab74-4a68fc68af26): Sends an initial acknowledgment message to Slack.
Confirm Waiting (43af793b-061f-4048-b110-546903b803b6): Updates the initial Slack message to inform the user that the scan has started and is being processed.
Loop Over Items (56a60798-3db1-4c69-962f-75009f894196): A placeholder node for loop logic, likely used in conjunction with the Wait node.
Wait 5 Min (5da3f500-0ccf-4eed-9d05-7709668cf2bb): Pauses the workflow for 5 minutes before checking the scan status.
Fetch Scan Results (ec737485-bf8b-4e8a-9843-2566c13106a8): Makes an HTTP GET request to the Qualys API to fetch the summary of the initiated scan.
Convert XML to JSON1 (5cf921ac-cd6b-4a27-b679-3d1ecdb3eb49): Converts the XML response of the scan results to JSON.
Check if Scan Finished (0580bb11-38c4-49a1-ab00-4cdfb49c8f9d): An IF node that checks if the scan status is 'FINISHED'.
Post Vulnerability Scan Summary to Slack (783d9bcd-faf1-4427-ab5c-de32df64f819): Sends a detailed, formatted summary of the scan results to Slack using blocks.
Delete Receipt (326bb10c-0e8e-4df7-bc67-dad015240d15): Deletes the initial acknowledgment message from Slack.
Sticky Note nodes: Provide documentation and context within the workflow.

Apps Used

API

Automation

Qualys

Security Monitoring

Slack

Vulnerability Scanning

Workflow JSON

{
  "id": "8ad183ee-3004-493b-ae7c-e05d03905c34",
  "name": "Qualys Vulnerability Scan Automation",
  "nodes": 16,
  "category": "Security",
  "status": "active",
  "version": "1.0.0"
}

Note: This is a sample preview. The full workflow JSON contains node configurations, credentials placeholders, and execution logic.

Get This Workflow

ID: 8ad183ee-3004...

About the Author

DevOps_Master_X

Infrastructure Expert

Specializing in CI/CD pipelines, Docker, and Kubernetes automations.

Statistics

Downloads0

Rating5/5

Get Custom Workflow

Need a specific automation? Our experts can build it for you.

Trusted by top companies
7+ years experience

Related Workflows

Discover more workflows you might like

Beginner

SecurityVenafiSlackTLS

Venafi TLS Protect Cloud Integration with Slack

Automate Venafi certificate requests initiated from Slack, integrating with VirusTotal for security analysis.

7 nodes

104

View Workflow

Advanced

Securityemailsecurityphishing

Email Analysis with Sublime Security

Automate email ingestion, attachment analysis via Sublime Security, and report findings to Slack.

25 nodes

271

View Workflow

Advanced

SecurityemailphishingAI

Automated Email Analysis and Jira Ticketing

Automates the analysis of incoming emails from Gmail and Outlook, classifies them for phishing risk using AI, and creates Jira tickets with relevant attachments.

28 nodes

189

View Workflow