Presentation is loading. Please wait.

Presentation is loading. Please wait.

By Eric Perraudeau, Product Manager Advanced reporting using API and Report frameworks San Francisco, CA March 22 nd 2010.

Published byCathleen Mason Modified over 8 years ago

Similar presentations

Presentation on theme: "By Eric Perraudeau, Product Manager Advanced reporting using API and Report frameworks San Francisco, CA March 22 nd 2010."— Presentation transcript:

1 by Eric Perraudeau, Product Manager Advanced reporting using API and Report frameworks San Francisco, CA March 22 nd 2010

2 Agenda  Manual Data vs Automatic Data  Qualys API frameworks  Reporting  Q&A C O M P A N Y C O N F I D E N T I A L 2

3 C O N F I D E N T I A L 3 Manual Data vs Automatic Data Scan 1 Result 1 Option Profile 1 Result 1 Scan 2 Result 2 Option Profile 2 Result 2 Scan 3 Result 3 Option Profile 3 Result 3 Scan n Result n Option Profile n Result n Manual Data World Auto Data World Report Templates Reports Normalize Database Stored in report center for 7 days + Encrypted PDF distribution lists

4 C O M P A N Y C O N F I D E N T I A L 4 API frameworks  Two API frameworks:  V1 – legacy  V2 introduced better scalability and two authentication schemes (session based and basic)  V2 api allow to pull automatic data in XML for external usage. Ex: import in a local database  Documentation: API user guide available through resources section in the UI. Quick reference guide will be available soon.

5 C O M P A N Y C O N F I D E N T I A L 5 API: leverage auto vuln data  First option: full download every time  Second option: 2 steps process to enhance scalability  1 st : initial import. Get all the vuln data  2 nd : on a regular basis, download only what changed.  Define a report template in UI and get the template ID  Use trend and analysis for a given period (1 day, 1 week, 1 month)  Use filter capabilities to get what you need.  Recommended filter: all vulnerabilities with status NEW – FIXED – REOPEN; Ignore ACTIVE  Use API v2 to run execute the report on the Qualys’ report servers. USE SAME FREQUENCY THAN THE PERIOD DEFINED IN THE REPORT TEMPLATE.  Targets of the report template (Asset groups or IP ranges) can be overridden at execution time  one template for many usage

6 C O M P A N Y C O N F I D E N T I A L 6 Reporting  Using a database populated with CSV or XML results pulled from QualysGuard using API v2 for automatic vulnerability data  Usage of a reporting framework.  First suggestion: zoho report from zoho.com  http://reports.zoho.com/login/login.jsp http://reports.zoho.com/login/login.jsp  Business intelligence in your browser  Second suggestion: BIRT plugin for Eclipse  http://www.eclipse.org/birt/phoenix/ http://www.eclipse.org/birt/phoenix/  “BIRT is an open source Eclipse-based reporting system that integrates with your Java/J2EE application to produce compelling reports.”  require a Java/J2EE environment.

7 C O M P A N Y C O N F I D E N T I A L 7 Reporting – zoho report example

8 C O M P A N Y C O N F I D E N T I A L 8 Going forward  Define a DB structure for vuln including status (new – active – fixed – reopened)  Define a DB structure for the assets – asset groups

9 Questions? Thank you! eperraudeau@qualys.com

Download ppt "By Eric Perraudeau, Product Manager Advanced reporting using API and Report frameworks San Francisco, CA March 22 nd 2010."

Similar presentations

WMobile Desktop Browser Preview. Desktop Browser Background wMobile customers use mobile web UI as a lightweight desktop access point to GoldMine wMobile.

WMobile Desktop Browser Preview. Desktop Browser Background wMobile customers use mobile web UI as a lightweight desktop access point to GoldMine wMobile.
DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
Micro Control Solutions Stability System II rev. 6.4

Micro Control Solutions Stability System II rev. 6.4
CACORE TOOLS FEATURES. caCORE SDK Features caCORE Workbench Plugin EA/ArgoUML Plug-in development Integrated support of semantic integration in the plugin.

CACORE TOOLS FEATURES. caCORE SDK Features caCORE Workbench Plugin EA/ArgoUML Plug-in development Integrated support of semantic integration in the plugin.
Productivity Tools For SAS . SAS ® users today ASAP ™Enhancement complementSoft introduces ASAP ™ an innovative productivity tool for SAS ® Diagramming.

Productivity Tools For SAS . SAS ® users today ASAP ™Enhancement complementSoft introduces ASAP ™ an innovative productivity tool for SAS ® Diagramming.
Traditional Core & Advanced Capture Techniques. Agenda The Capture Process What’s New in Capture Workflow? Core and optional capture features Imports.

Traditional Core & Advanced Capture Techniques. Agenda The Capture Process What’s New in Capture Workflow? Core and optional capture features Imports.
1 Actuate Corporation © 2010 THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE.

1 Actuate Corporation © 2010 THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE.
Www.regoconsulting.comPhone: 1-888-813-0444 Interface Strategies and Methods.

Interface Strategies and Methods.
Enterprise Content Management Departmental Solutions Enterprisewide Document/Content Management at half the cost of competitive systems ImageSite is:

Enterprise Content Management Departmental Solutions Enterprisewide Document/Content Management at half the cost of competitive systems ImageSite is:
EnviroMap.

EnviroMap.
CON7911: Building the Roadmap to a Successful Oracle Commerce Upgrade

CON7911: Building the Roadmap to a Successful Oracle Commerce Upgrade
CategoryCapability + Recommended Tool Analysis Self Service BI with Power View integration Ad-Hoc (e.g. user defined) views Interactive analysis.

CategoryCapability + Recommended Tool Analysis Self Service BI with Power View integration Ad-Hoc (e.g. user defined) views Interactive analysis.
E~Print Repository of Reports. e~Print e~PRINT REPOSITORIES Filters within Eprint reports include: Finance-Auburn University (chart A) Finance-Auburn.

E~Print Repository of Reports. e~Print e~PRINT REPOSITORIES Filters within Eprint reports include: Finance-Auburn University (chart A) Finance-Auburn.
Esri International User Conference | San Diego, CA Technical Workshops | Esri Tracking Solutions: Working with real-time data Adam Mollenkopf David Kaiser.

Esri International User Conference | San Diego, CA Technical Workshops | Esri Tracking Solutions: Working with real-time data Adam Mollenkopf David Kaiser.
Vulnerability Analysis – The new Frontier of Security

Vulnerability Analysis – The new Frontier of Security
WebSphere Studio Portal Toolkit Overview April/2003 Reginaldo Barosa.

WebSphere Studio Portal Toolkit Overview April/2003 Reginaldo Barosa.
Professional Informatics & Quality Assurance Software Lifecycle Manager „Tools that are more a help than a hindrance”

Professional Informatics & Quality Assurance Software Lifecycle Manager „Tools that are more a help than a hindrance”
Oracle Developer Tools for Visual Studio.NET Christian Shay Principal Product Manager Oracle Corporation Prerequisites for presentation:

Oracle Developer Tools for Visual Studio.NET Christian Shay Principal Product Manager Oracle Corporation Prerequisites for presentation:
Walter Pitrof Technology Solution Professional Microsoft Switzerland Backup, Restore und Disaster Recovery mit Data Protection Manager 2012 Philipp Witschi.

Walter Pitrof Technology Solution Professional Microsoft Switzerland Backup, Restore und Disaster Recovery mit Data Protection Manager 2012 Philipp Witschi.
ViciDocs for BPO Companies Creating Info repositories from documents.

ViciDocs for BPO Companies Creating Info repositories from documents.

Similar presentations

Ads by Google