Qualys Create Report Workflow (Qualys Security Scan Report Automated Generation Workflow)

This workflow fully automates the generation and sharing of security scan reports. Triggered from Slack, it retrieves the report template, starts report generation, and checks the status at regular intervals. When the report is ready, the workflow downloads it and uploads it to the designated Slack channel. This reduces manual work and operational burden, gives the security operations center timely access to the latest security reports, improves team collaboration and response efficiency, and simplifies compliance management.

Key Features and Highlights

This workflow automates the entire process of generating, monitoring, and retrieving security scan reports from the Qualys security platform. Triggered via Slack, it automatically queries and selects report templates, initiates report generation, polls the report status in a loop, and upon completion, downloads the report and uploads it to a designated Slack channel. This ensures the team receives the latest security reports promptly. Highlights include full automation, real-time status polling, flexible output formats (such as PDF), and seamless Slack integration, significantly enhancing the efficiency of Security Operations Centers (SOC).

Core Problems Addressed

  • The manual process of generating and downloading Qualys security scan reports is cumbersome and time-consuming.
  • Frequent manual checking of report generation status increases operational burden.
  • Reports are scattered, making timely access and sharing difficult for teams.
  • Insufficient automation in SOC workflows affects response speed and collaboration efficiency.

Use Cases

  • Automated security report generation and distribution in Security Operations Centers (SOC).
  • Regular retrieval of compliance or vulnerability scan reports by DevOps or security teams.
  • Teams requiring quick triggering and sharing of security scan results via Slack.
  • Any organization using Qualys for security scanning that aims to simplify report management workflows.

Main Workflow Steps

  1. Trigger the Workflow: Initiated via a Slack modal submission, collecting report parameters such as template name, report title, and output format.
  2. Set Global Variables: Configure base API endpoints and parameters.
  3. Retrieve Report Template IDs: Call the Qualys API to fetch available report templates, parsing XML responses into JSON format.
  4. Start Report Generation: Use the selected template ID and parameters to initiate report creation via a POST request.
  5. Poll Report Completion Status: Query the report status every minute until generation is complete.
  6. Download the Report: Automatically download the report file from Qualys once ready.
  7. Upload to Slack: Automatically upload the report to a specified Slack channel and notify relevant team members.
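
A bounded version of the status check in step 5, as an added example that is not part of the original workflow: it stops waiting when the report ends in a failed or cancelled state, or after a maximum number of polls, instead of looping every minute forever. The XML element names, the state values, the function names and the constructed sample response are assumptions, not taken from this page.

```javascript
// Added example, not the workflow's own code. Element names (REPORT, ID,
// STATE) and state values are assumptions about the status response.
const TERMINAL_FAILURES = new Set(["Canceled", "Errors"]);

// Constructed sample status response (not real output).
const SAMPLE_STATUS_XML = `<REPORT_LIST_OUTPUT><RESPONSE><REPORT_LIST>
<REPORT><ID>1001</ID><STATUS><STATE>Running</STATE></STATUS></REPORT>
<REPORT><ID>1002</ID><STATUS><STATE>Finished</STATE></STATUS></REPORT>
<REPORT><ID>1003</ID><STATUS><STATE>Errors</STATE></STATUS></REPORT>
</REPORT_LIST></RESPONSE></REPORT_LIST_OUTPUT>`;

// Return the state string for one report ID, or null if it is not listed.
function reportState(xml, reportId) {
  const reports = xml.match(/<REPORT>[\s\S]*?<\/REPORT>/g) || [];
  for (const report of reports) {
    const id = (report.match(/<ID>\s*(\d+)\s*<\/ID>/) || [])[1];
    if (id === String(reportId)) {
      const state = (report.match(/<STATE>\s*([^<]+?)\s*<\/STATE>/) || [])[1];
      return state || null;
    }
  }
  return null;
}

// Decide what the loop does after poll number `attempt` (1-based).
//   download: report is ready, go on to step 6
//   fail:     report ended without output, notify Slack and stop
//   timeout:  poll budget used up, notify Slack and stop
//   wait:     sleep one minute and poll again
function pollDecision(xml, reportId, attempt, maxAttempts) {
  const state = reportState(xml, reportId);
  if (state === "Finished") return { action: "download", state };
  if (TERMINAL_FAILURES.has(state)) return { action: "fail", state };
  if (attempt >= maxAttempts) return { action: "timeout", state };
  return { action: "wait", state };
}

// With one poll per minute, maxAttempts = 30 caps the wait at about 30 minutes.
for (const id of [1001, 1002, 1003]) {
  console.log(id, pollDecision(SAMPLE_STATUS_XML, id, 1, 30));
}
```
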

Involved Systems or Services

  • Qualys API: For fetching report templates, generating reports, querying status, and downloading reports.
  • Slack: Serves as the trigger interface and platform for report notifications and sharing.
  • n8n Automation Platform: Handles workflow orchestration, data transformation (XML to JSON), timed waits, conditional logic, and other automation tasks.

Target Users and Value Proposition

  • Security Operations Center (SOC) Teams: Reduce manual effort and improve security report processing efficiency.
  • Security Analysts and Managers: Quickly access the latest security scan data to support timely response and decision-making.
  • DevOps and IT Operations Personnel: Simplify security compliance reporting and integrate security toolchains.
  • Any Organization Automating Qualys Report Generation and Distribution: Save time, ensure data timeliness, and enhance collaboration efficiency.

By deploying the “Qualys Create Report Workflow,” organizations can achieve fully automated processing and convenient sharing of security scan reports, greatly improving the responsiveness and productivity of security teams, and helping to build an efficient and intelligent security operations system.