Introduction

The Qualys CertView Plugin discovers SSL/TLS certificates from Qualys CertView, which aggregates certificate data from multiple sources:

  • Cloud Agent: Host-based scanning of endpoint certificate stores
  • VM Scanner: Network-based SSL/TLS certificate probing
  • Web Application Scanning (WAS): Certificates found during security assessments
  • External Attack Surface Management (EASM): Passive discovery of internet-facing certificates

The plugin exports certificate inventory in standardized JSON format for cryptographic asset management and compliance.

Features

  • Multi-Source Certificate Discovery: Retrieves certificates from Cloud Agent, VM Scanner, WAS, and EASM
  • Comprehensive Asset Discovery: Retrieves both MANAGED and UNMANAGED assets with metadata for downstream filtering
  • Incremental Scanning: Uses Qualys's updateDate field for delta scans
  • Post-Quantum Cryptography: Extracts PQC algorithm metadata (CertView v2.3 API)
  • Rich Metadata: Asset details, host instances, SSL/TLS protocols, cipher suites, security grades, revocation status
  • Standardized Output: Consistent JSON format with URN generation
  • State Tracking: Persists scan state for incremental discovery
  • Secure Credentials: Masked input fields for sensitive data