@nelssec/qualys-mcp

v2.1.0

Published

15 days ago

MCP server for Qualys security APIs - enables natural language interaction with vulnerability, asset, and cloud security data

Downloads

2,146

0High
0Medium
0Low

nelssec

mcp qualys security vulnerability vmdr claude ai

@nelssec/qualys-mcp

MCP server for Qualys security APIs - enables natural language interaction with vulnerability, asset, and cloud security data through Claude and other MCP-compatible AI assistants.

Quick Start

# Run with MCP Inspector
npx @modelcontextprotocol/inspector npx @nelssec/qualys-mcp

# Or install globally
npm install -g @nelssec/qualys-mcp

Configuration

Set environment variables:

export QUALYS_USERNAME=your-username
export QUALYS_PASSWORD=your-password
export QUALYS_POD=US1  # US1, US2, US3, US4, EU1, EU2, EU3, CA1, IN1, AE1, UK1, AU1

Custom Platform Support

For engineering, development, or private cloud deployments:

export QUALYS_PLATFORM=qualysguard.p03.eng.sjc01.qualys.com

Or specify URLs directly:

export QUALYS_API_URL=https://qualysapi.custom.qualys.com
export QUALYS_GATEWAY_URL=https://gateway.custom.qualys.com

Usage with Claude Desktop

Add to ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "qualys": {
      "command": "npx",
      "args": ["@nelssec/qualys-mcp"],
      "env": {
        "QUALYS_USERNAME": "your-username",
        "QUALYS_PASSWORD": "your-password",
        "QUALYS_POD": "US1"
      }
    }
  }
}

For custom/engineering platforms:

{
  "mcpServers": {
    "qualys": {
      "command": "npx",
      "args": ["@nelssec/qualys-mcp"],
      "env": {
        "QUALYS_USERNAME": "your-username",
        "QUALYS_PASSWORD": "your-password",
        "QUALYS_PLATFORM": "qualysguard.p03.eng.sjc01.qualys.com"
      }
    }
  }
}

Features

61 MCP Tools across 13 Qualys modules
VMDR, Container Security, Global AssetView, KnowledgeBase
TotalCloud (AWS, Azure, GCP, OCI), Patch Management
EDR, FIM, WAS, Compliance, CertView, CAR
Cross-module workflows for risk prioritization

Example Queries

"Am I affected by CVE-2024-3094?"
"Show me critical vulnerabilities on internet-facing assets"
"What should I fix first on my external attack surface?"
"List AWS EC2 instances with failing security controls"

Documentation

See GitHub repo for full documentation.

License

MIT

Published

Vulnerabilities

Links

Maintainers

Keywords

Readme

@nelssec/qualys-mcp

Quick Start

Configuration

Custom Platform Support

Usage with Claude Desktop

Features

Example Queries

Documentation

License