HttpRequest Automate

• Security Teams: Professionals responsible for managing and monitoring vulnerabilities within their organization.
• DevOps Engineers: Individuals who integrate security practices within the DevOps process.
• IT Administrators: Personnel managing IT infrastructure who need to ensure systems are secure.
• Compliance Officers: Experts ensuring that the organization adheres to security regulations and standards.
• Business Leaders: Executives interested in understanding the security posture of their organization.

This workflow automates the process of initiating vulnerability scans using the Qualys API and retrieves scan results efficiently. It addresses the challenges of manual scanning, which can be time-consuming and prone to human error. By automating the scanning process and providing timely updates via Slack, it ensures that teams are promptly informed about vulnerabilities, allowing for quicker remediation and enhanced security posture.

• Step 1: Trigger the Workflow - The workflow is manually initiated, allowing users to start vulnerability scans as needed.
• Step 2: Start VM Scan in Qualys - A scan is launched using the Qualys API with parameters defined in the workflow.
• Step 3: Convert XML to JSON - The XML response from Qualys is converted to JSON format for easier processing.
• Step 4: Fetch Scan Results - The workflow retrieves the results of the initiated scan.
• Step 5: Loop Over Items - The workflow checks the scan status every 5 minutes until it is marked as FINISHED.
• Step 6: Check if Scan Finished - Once the scan is complete, the results are processed and prepared for reporting.
• Step 7: Post Vulnerability Scan Summary to Slack - A summary of the scan results is posted in a specified Slack channel, including critical details like the number of detected vulnerabilities.
• Step 8: Delete Receipt - The initial notification message is deleted to keep the channel organized.