Configuring Vulnerability Scanners
AccelOps supports these vulnerability scanners for discovery and monitoring.
McAfee Foundstone Vulnerability Scanner Configuration
Nessus Vulnerability Scanner Configuration
Qualys Vulnerability Scanner Configuration
Rapid7 NeXpose Vulnerability Scanner Configuration
McAfee Foundstone Vulnerability Scanner Configuration
What is Discovered and Monitored
| Protocol | Metrics collected | Used for |
| JDBC (SQL
Server) |
Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity,
Vulerability CVE Id, Vulnerability Score, Vulnerability Consequence |
Security
Monitoring |
Event Types
In CMDB > Event Types, search for “foundstone” in the Description column to see the event types associated with this device.
Rules
There are no predefined rules for this device.
Reports
There are no predefined rules for this device.
Configuration
JDBC
AccelOps connects to the faultline database in the McAfee vulnerability scanner to collect metrics. This is a SQL Server database, so you will need to have set up access credentials for the database over JDBC to set up access credentials in AccelOps and initiate discovery. Settings for Access Credentials
Nessus Vulnerability Scanner Configuration
What is Discovered and Monitored
| Protocol | Metrics collected | Used for |
| Nessus
API |
Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity,
Vulerability CVE Id and Bugtraq Id, Vulnerability CVSS Score, Vulnerability Consequence |
Security
Monitoring |
Event Types
In CMDB > Event Types, search for “nessus” in the Description and Device Type column to see the event types associated with this device.
Rules
There are no predefined rules for this device.
Reports
In Analytics > Reports, search for “nessus” in the Description column to see the reports associated with this device.
Configuration
Nessus API
Create a user name and password that AccelOps can use as access credentials for the API. Make sure the user has permissions to view the scan report files on the Nessus device. You can check if your user has the right permissions by running a scan report as that user.
You can now configure AccelOps to communicate with your device by following the instructions in Setting Access Credentials for Device Discovery, and then initiate discovery of the device as described in the topics in Discovering Infrastructure.
Settings for Access Credentials
Qualys Vulnerability Scanner Configuration
What is Discovered and Monitored
| Protocol | Metrics collected | Used for |
| Qualys
API |
Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity, Vulerability CVE Id and Bugtraq Id, Vulnerability Consequence | Security
Monitoring |
Event Types
In CMDB > Event Types, search for “qualys” in the Device Type column to see the event types associated with this device.
Rules
There are no predefined rules for this device.
Reports
In Analytics > Reports, search for “qualys” in the Description column to see the reports associated with this device.
Configuration
Qualys API
Create a user name and password that AccelOps can use as access credentials for the API.
You can now configure AccelOps to communicate with your device by following the instructions in Setting Access Credentials for Device Discovery, and then initiate discovery of the device as described in the topics in Discovering Infrastructure.
Settings for Access Credentials
Rapid7 NeXpose Vulnerability Scanner Configuration
What is Discovered and Monitored
| Protocol | Metrics collected | Used for |
| Rapid7
Nexpose API |
Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity,
Vulerability CVE Id and Bugtraq Id, Vulnerability CVSS Score, Vulnerability Consequence |
Security
Monitoring |
Event Types
In CMDB > Event Types, search for “rapid7” in the Description and Device Type columns to see the event types associated with this device.
Rules
There are no predefined rules for this device.
Reports
There are no predefined reports for this device.
Configuration
Rapid7 NeXpose API
- Log into the device manger for your vulnerability scanner with administrative credentials.
- Go to Administration > General > User Configuration, and create a user that AccelOps can use to access the device.
- Go to Reports > General > Report Configuration.
- Create a report with the Report format set to Simple XM
AccelOps can only pull reports in this format.