This n8n workflow automates the process of initiating a vulnerability scan on Qualys, monitoring its progress, and reporting the results to Slack. Designed for cybersecurity teams and system administrators, it simplifies vulnerability management by providing real-time updates and detailed reports within Slack channels.
The workflow begins with a Slack trigger, typically activated through a Slack shortcut or modal input, allowing users to start a vulnerability scan directly from Slack. It then makes an API request to Qualys to launch the scan using specified parameters.
Once the scan is initiated, the workflow converts the XML results—obtained from Qualys—into JSON for easier processing. It then enters a loop, waiting approximately 5 minutes between checks, to poll the scan status. This continues until the scan reports as ‘FINISHED’.
After confirming the scan completion, the workflow retrieves detailed scan results from Qualys. It extracts key information such as scan title, user, target hosts, and vulnerabilities detected.
Finally, the workflow posts a comprehensive report to Slack, including a summary, visual data, and a direct link to the full report on Qualys. Additional Slack messages inform users of scan initiation, waiting status, and completion, ensuring clear communication throughout the process.
This automation enhances security workflows by streamlining vulnerability assessments, reducing manual effort, and ensuring timely detection and reporting of security issues.
Reviews
There are no reviews yet.