![Hyperproof.Io [Test] Help Center](https://downloads.intercomcdn.com/i/o/xgk1dxp2/757668/427b255f2659cc7e0853d6a00ec1/628914ae2617199b7d999ba797a5305a.png)
📝 Note
Hyperproof connects to many third-party systems that frequently change, including the system interface. Contact your System Administrator or the third-party provider for assistance in meeting the requirements to integrate with Hyperproof and collect the proof you need.
When you create a Hypersync between Hyperproof and Qualys, you can automatically collect the following proof types:
Qualys proof types and fields
Proof type | Fields | Testable |
List of Assets | Asset, IP Address, Operating System, Last Vulnerability Scan, Last VM Scan, Last Compliance Scan, Tags | Yes |
List of PC Scans | No | |
List of Users | Username, First Name, Last Name, Email Address, Business Unit, Roles, Status, Last Login Date | Yes |
List of VM Scans | Title, Type, User, Launch Date, Duration, Targets, Status | Yes |
VM Remediation Tickets | ID, Vulnerability Level, Ticket Status, Ticket Due Date, Last Modified Date, Time to Resolution, Overdue | Yes |
📝 Note
The List of VM Scans proof includes a link to Qualys that provides an unfiltered view of all your scans and is not based on the time period selected when configuring the Hypersync.
Additional documentation
📝 Note
You only need to connect Hyperproof to the app once, and then you can create as many Hypersyncs as you need.
Additionally, you can create multiple Hypersyncs for a single control or label.
Certain cloud services offer specialized options for IP filtering in their cloud consoles to lock down specific cloud API endpoints for security and compliance purposes. You can use the Hyperproof static IP addresses to allow communication between Hyperproof Hypersyncs and your cloud service.
📝 Note
IP addresses for the Hyperproof Gov will be deprecated and replaced, as shown in the following table:
Service | Current IP address | New IP address |
Main app | 4.154.201.6 | 4.155.77.155 |
Integrations | 4.246.104.90 | 4.155.78.5 |
To prevent connectivity issues, it is recommended that you include all four IP addresses in your allowlists.
Hyperproof US IP addresses - 20.184.128.53, 52.9.169.38, 52.159.252.1
📝 Note
IP address 52.9.169.38 will be deprecated and replaced with 52.159.252.1 in the future. To prevent connectivity issues, it is recommended that you include all three IP addresses in your allowlists.
Hyperproof EU IP addresses - 9.141.172.46, 4.185.45.100
Hyperproof Gov IP addresses - 4.154.201.6, 4.246.104.90
See Hyperproof instances for more information.
Supported platforms
The Qualys Hypersync supports the following platforms:
|
|
|
For help identifying your platform, see Identify your Qualys platform in the Qualys documentation.
Permissions
The minimum permissions needed for a Qualys user to create a Hypersync are:
Read access to the Manage VM and Manage SCA modules
API Access turned on
Additional setup may be required for the List of Assets proof.
To include Cloud Agent assets in the List of Assets proof create a new Manager User and limit that user's permissions under User Management as follows:
Select Quick Actions > Edit > Roles and Scopes and uncheck the Allow user full permissions and scope option.
Add the following minimum roles: READER, Reporting Reader, Unified Dashboard User, and VM User.
Ensure that the Allow user view access to all objects is checked.
Authentication
Authentication type: Custom
Custom authentication parameters: Username, Password, Platform
❗ Important
If your Qualys instance uses Single Sign-On (SSO), you’ll need your Qualys administrator to create a Qualys service account with SSO disabled. SSO can be disabled on a per-account basis. For more information, refer to this Qualys help article.
Creating a Qualys user with minimum permissions
Log in to Qualys as an Administrator.
Click the drop-down menu in the upper-left corner.
Scroll to Utilities, and then select Administration.
From the User Management tab, click Create User and then select Create Reader User.
The New Reader User window opens.
Enter all required information.
❗ Important
Do not click the Save button until step 11.
From the left navigation menu, select the User Role tab.
From the User Role drop-down menu, select Reader.
Select the GUI and API checkboxes.
From the left navigation menu, select the Permissions tab.
Select the Manage VM Module and Manage PC Module checkboxes.
Click Save.
Assign hosts to the Reader User using Asset Groups in VMDR and PC:
Navigate to VMDR or PC.
Select the Users tab.
Mouse over the Reader User, click the arrow, and then click Edit.
From the Asset Groups tab, add the appropriate asset group(s).
Click Save.
Refer to the Qualys documentation for help with managing asset groups.
Completing new user setup
You’ll receive an email from Qualys with the subject Qualys Registration—Start Now.
Copy and save the username provided by Qualys.
Click Link to access your password.
Copy the OTP code from the email, paste it, and then click Submit.
Copy and save the password provided by Qualys.
Click the URL to log in to Qualys.
Confirm the user’s information, and then click Save.
After clicking Save, you’ll be prompted to change the user’s password.
Removing GUI access for a new user
Log in to Qualys as an Administrator.
Click the drop-down menu in the upper-left corner.
Scroll to Utilities, and then select Administration.
Mouse over the user, click the drop-down arrow, and then select Edit Basic Details.
The Edit User window opens.
From the left navigation menu, select the User Role tab.
Clear the checkbox labeled GUI.
Click Save.