Introduction

The Qualys CertView Plugin discovers SSL/TLS certificates from Qualys CertView, which aggregates certificate data from multiple sources:

• Cloud Agent: Host-based scanning of endpoint certificate stores
• VM Scanner: Network-based SSL/TLS certificate probing
• Web Application Scanning (WAS): Certificates found during security assessments
• External Attack Surface Management (EASM): Passive discovery of internet-facing certificates

The plugin exports certificate inventory in standardized JSON format for cryptographic asset management and compliance.

Features

• Multi-Source Certificate Discovery: Retrieves certificates from Cloud Agent, VM Scanner, WAS, and EASM
• Comprehensive Asset Discovery: Retrieves both MANAGED and UNMANAGED assets with metadata for downstream filtering
• Incremental Scanning: Uses Qualys's updateDate field for delta scans
• Post-Quantum Cryptography: Extracts PQC algorithm metadata (CertView v2.3 API)
• Rich Metadata: Asset details, host instances, SSL/TLS protocols, cipher suites, security grades, revocation status
• Standardized Output: Consistent JSON format with URN generation
• State Tracking: Persists scan state for incremental discovery
• Secure Credentials: Masked input fields for sensitive data