By eric perraudeau product manager
This presentation is the property of its rightful owner.
Sponsored Links
1 / 9

by Eric Perraudeau, Product Manager PowerPoint PPT Presentation


  • 91 Views
  • Uploaded on
  • Presentation posted in: General

by Eric Perraudeau, Product Manager. Advanced reporting using API and Report frameworks. San Francisco, CA March 22 nd 2010. Agenda. Manual Data vs Automatic Data Qualys API frameworks Reporting Q&A. 2.

Download Presentation

by Eric Perraudeau, Product Manager

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


By eric perraudeau product manager

by Eric Perraudeau, Product Manager

Advanced reporting using API and Report frameworks

San Francisco, CA March 22nd 2010


Agenda

Agenda

  • Manual Data vs Automatic Data

  • Qualys API frameworks

  • Reporting

  • Q&A

2

C O M P A N Y C O N F I D E N T I A L


Manual data vs automatic data

Manual Data vs Automatic Data

Scan 1

Result 1

Option Profile 1

Result 1

Scan 3

Result 3

Option Profile 3

Result 3

Scan n

Result n

Option Profile n

Result n

Scan 2

Result 2

Option Profile 2

Result 2

Manual Data World

Auto Data World

Normalize

Database

Report Templates

Stored in report center for 7 days

+

Encrypted PDF distribution lists

Reports

C O N F I D E N T I A L


Api frameworks

API frameworks

  • Two API frameworks:

    • V1 – legacy

    • V2 introduced better scalability and two authentication schemes (session based and basic)

  • V2 api allow to pull automatic data in XML for external usage. Ex: import in a local database

  • Documentation: API user guide available through resources section in the UI. Quick reference guide will be available soon.

4

C O M P A N Y C O N F I D E N T I A L


Api leverage auto vuln data

API: leverage auto vuln data

  • First option: full download every time

  • Second option: 2 steps process to enhance scalability

    • 1st : initial import. Get all the vuln data

    • 2nd : on a regular basis, download only what changed.

  • Define a report template in UI and get the template ID

    • Use trend and analysis for a given period (1 day, 1 week, 1 month)

    • Use filter capabilities to get what you need.

    • Recommended filter: all vulnerabilities with status NEW – FIXED – REOPEN; Ignore ACTIVE

  • Use API v2 to run execute the report on the Qualys’ report servers. USE SAME FREQUENCY THAN THE PERIOD DEFINED IN THE REPORT TEMPLATE.

  • Targets of the report template (Asset groups or IP ranges) can be overridden at execution time  one template for many usage

5

C O M P A N Y C O N F I D E N T I A L


Reporting

Reporting

  • Using a database populated with CSV or XML results pulled from QualysGuard using API v2 for automatic vulnerability data

  • Usage of a reporting framework.

  • First suggestion: zoho report from zoho.com

    • http://reports.zoho.com/login/login.jsp

    • Business intelligence in your browser

  • Second suggestion: BIRT plugin for Eclipse

    • http://www.eclipse.org/birt/phoenix/

    • “BIRT is an open source Eclipse-based reporting system that integrates with your Java/J2EE application to produce compelling reports.”  require a Java/J2EE environment.

6

C O M P A N Y C O N F I D E N T I A L


Reporting zoho report example

Reporting – zoho report example

7

C O M P A N Y C O N F I D E N T I A L


Going forward

Going forward

  • Define a DB structure for vuln including status (new – active – fixed – reopened)

  • Define a DB structure for the assets – asset groups

8

C O M P A N Y C O N F I D E N T I A L


By eric perraudeau product manager

Questions?

Thank [email protected]


  • Login