How to connect Qualys to Vanta

  • Updated

Below we'll walkthrough the steps on connecting your Qualys account to Vanta.



Service User Setup:

Below is the guide to create a service user for Vanta, This guide also exists in the first step of the connection modal on the Vanta Integrations Page. Visit this link for a Video Walkthrough of the service account creation process.


You'll need a dedicated email for this service account.

  1. Go to the Qualys VDMR tool.

    You can find your app url in this page.

  2. Go to the USERS tab in the menu at the top as it's shown in the video.

  3. Click on the New button and the User option.

  4. Fill the general information form with the following unless indicated otherwise:

    First Name: Vanta

    Last Name: Integration

    Title:  (hyphen)

    Phone:  (hyphen)

    Address 1:  (hyphen)

    Country: United States of America

    E-Mail Address: Enter the dedicated email address for the service account.

    State: California

  5. In the Locale section:

    Language: English

    Date Format: ISO Format (yyyy-mm-dd)

    Time Zone: (GMT -08:00) United States, California (Pacific Standard Time)

  6. In the User Role section:

    User Role: Reader

    Allow Access to: Only check the API option checkbox

    Business Unit: Select the business unit you want to be monitored.

  7. In the Notifications section set everything to Noneoff or No notification, depending on the options available.

  8. Save your new user.

  9. Check the E-Mail address inbox for incoming emails from Qualys follow the instructions provided by them and return to this page once you've been provided with a password.



Once you've created your Service Account in Qualys, Enter its credentials in the last section of
Step 1 in the connection flow:

Click Next -> and you should now be able to Select your region. Use this Guide to determine your Platform Identifier.

Once selected you should be good to go! You'll now see Qualys as a connected integration:

As well as see your accounts pulled in on the Access page:


Tests and controls for Qualys:


Vanta automates 2 tests:

  • Qualys accounts associated with users
  • Qualys accounts deprovisioned when employees leave



Vanta helps pass 14 controls:

  • Access control
  • Access established, reviewed and modified
  • Access reviews conducted
  • Access revoked upon termination
  • Access rights
  • CUI systems protected during HR changes such as termination or transfer
  • Comprehensive Access Management In Place
  • Identity and Credential Management
  • Identity management
  • Logical Access - Account De-Activation
  • System access restricted to authorized access only
  • Terminated user access removed
  • Termination procedures established
  • Users, processes and devices are authenticated prior to access being granted

Was this article helpful?

Have more questions? Submit a request