By Eric Perraudeau, Product Manager Advanced reporting using API and Report frameworks San Francisco, CA March 22 nd 2010.

Slides:



Advertisements
Similar presentations
WMobile Desktop Browser Preview. Desktop Browser Background wMobile customers use mobile web UI as a lightweight desktop access point to GoldMine wMobile.
Advertisements

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
Micro Control Solutions Stability System II rev. 6.4
CACORE TOOLS FEATURES. caCORE SDK Features caCORE Workbench Plugin EA/ArgoUML Plug-in development Integrated support of semantic integration in the plugin.
Productivity Tools For SAS . SAS ® users today ASAP ™Enhancement complementSoft introduces ASAP ™ an innovative productivity tool for SAS ® Diagramming.
Traditional Core & Advanced Capture Techniques. Agenda The Capture Process What’s New in Capture Workflow? Core and optional capture features Imports.
1 Actuate Corporation © 2010 THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE BIRT COMPANY THE.
Interface Strategies and Methods.
Enterprise Content Management Departmental Solutions Enterprisewide Document/Content Management at half the cost of competitive systems ImageSite is:
EnviroMap.
CON7911: Building the Roadmap to a Successful Oracle Commerce Upgrade
CategoryCapability + Recommended Tool Analysis Self Service BI with Power View integration Ad-Hoc (e.g. user defined) views Interactive analysis.
E~Print Repository of Reports. e~Print e~PRINT REPOSITORIES Filters within Eprint reports include: Finance-Auburn University (chart A) Finance-Auburn.
Esri International User Conference | San Diego, CA Technical Workshops | Esri Tracking Solutions: Working with real-time data Adam Mollenkopf David Kaiser.
Vulnerability Analysis – The new Frontier of Security
WebSphere Studio Portal Toolkit Overview April/2003 Reginaldo Barosa.
Professional Informatics & Quality Assurance Software Lifecycle Manager „Tools that are more a help than a hindrance”
Oracle Developer Tools for Visual Studio.NET Christian Shay Principal Product Manager Oracle Corporation Prerequisites for presentation:
Walter Pitrof Technology Solution Professional Microsoft Switzerland Backup, Restore und Disaster Recovery mit Data Protection Manager 2012 Philipp Witschi.
ViciDocs for BPO Companies Creating Info repositories from documents.
January, 23, 2006 Ilkay Altintas
CONFIDENTIAL – DO NOT DISTRIBUTE Copyright © 2014 Interneer, Inc. All rights reserved. Partner with Professional Services for Success and Configuration.
Introduction to Colleague An introduction to using Durham Tech’s Enterprise Resource Planning System (ERP)
Gain Performance & Scalability With RightNow Analytics
Tim Leung SQL Bits October  Features and Advantages  Architecture  Installation  Creating Reports.
May 16 – 18, 2007 Copyright 2007, Data Access Worldwide May 16 – 18, 2007 Copyright 2007, Data Access Worldwide Build Great Web Application 'Fast and Easy'
SharePoint 2010 Business Intelligence Module 10: Reporting Services.
Testing Tools using Visual Studio Randy Pagels Sr. Developer Technology Specialist Microsoft Corporation.
Joomla! Day France SEBLOD Version 2.0 for Joomla! 1.6.
Oracle Application Express 3.0 Joel R. Kallman Software Development Manager.
Hands-On Microsoft Windows Server 2008
Business Solutions Using Microsoft ® Office SharePoint ® Server ROADSHOW.
Fundamentals of Database Chapter 7 Database Technologies.
Canadian User Group Meeting Management Reporting.
SUM601D -- From Application Portfolio to Application Readiness: Automating Application Migration with Citrix AppDNA Mark J Henderson Senior Sales Engineer.
International Atomic Energy Agency INIS Database on CD-ROM and on Internet: Enhancements 34 th Consultative Meeting of INIS Liaison Officers 3-5 November.
What is TrinDocs A fully integrated document management system enabling: Archiving Instant Retrieval Workflow & Routing OCR and Intelligent Form Recognition.
0 SharePoint Search 2013 Rafael de la Cruz SharePoint Developer Seneca Resources twitter.com/delacruz_rafael
Enterprise Integration in Sakai 2.4 An overview of what’s new and (hopefully) improved.
SOA-25: Data Distribution Solutions Using DataXtend ® Semantic Integrator for Sonic ™ ESB Users Jim Barton Solution Architect.
© 2006 DTP PMC; made available under the EPL v1.0 | July 12, 2006 | DTP Enablement Project Creation Review Creation Review: Eclipse Data Tools Platform.
May, Agenda ACQuipedia Overview Article Currency Introduce ACQuipedia
Talentlink Reporting This should be the first page of your presentation.
© 2008 by Shawn Spiars; made available under the EPL v1.0 | March 17, 2008 Case Study – Phurnace Software and RCP Shawn Spiars Lead UI Developer Phurnace.
Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.
Biomedical Informatics Research Network BIRN Workflow Portal.
VULN SCANNING Dr. Andy Wu BCIS 4630 Fundamentals of IT Security.
Integrated Mobile Marketing Platform Emergic mConnector Integrated -Mobile Marketing Platform Presented By: Sales Person Name ID: Mobile:
Module 1: Introduction to Microsoft SQL Server Reporting Services
Oracle eBusiness Financials R12 Oracle Receivables Functional Overview TCS Oracle Practice.
Sitecore.net Training, Oct ECM 2.1 UPDATE 2 PART 1 CRAWL BEFORE YOU WALK.
© 2013 IBM Corporation Accelerating Product and Service Innovation Service Virtualization Testing in Managed Environments Michael Elder, IBM Senior Technical.
In order to survive in the era of competition a business firm needs market research. Researching market involves thorough analysis and gathering of data.
Windows Vista Configuration MCTS : Network Security.
Maven & NetBeans Platform. Agenda ● Maven NetBeans Platform Project Types ● Three NetBeans RCP project types ● Differences with Ant project types ● All.
Lotus Symphony Extension Model ● Jin Hua, Chen ● IBM.
Fifth iMarine Board meeting June 2014, FAO (Rome) Related to Agenda item 6 NEAFC to ICES data exchange Supporting collaboration and secure data exchange.
ENOG13 Saint Petersburg Diego Luis Neto SW NL-ix.
Leveraging the Business Intelligence Features in SharePoint 2010
Service Framework Proposal
Data Management Agenda
Integrating Oracle HTML DB with Oracle Application Server 10g.
Maximo Upgrade Information Session
Presentation of the eTendersNI service Business Intelligence Module
9/14/2018 2:22 AM THR2026 Set up secure and efficient collaboration for your organization with Office 365 Joe Davies Senior Content Developer Brenda Carter.
State Software Redesign
CRM OdooV11 Documented By : Odoo Team, Entiovi.
Features Overview.
TracCloud.
Presentation transcript:

by Eric Perraudeau, Product Manager Advanced reporting using API and Report frameworks San Francisco, CA March 22 nd 2010

Agenda  Manual Data vs Automatic Data  Qualys API frameworks  Reporting  Q&A C O M P A N Y C O N F I D E N T I A L 2

C O N F I D E N T I A L 3 Manual Data vs Automatic Data Scan 1 Result 1 Option Profile 1 Result 1 Scan 2 Result 2 Option Profile 2 Result 2 Scan 3 Result 3 Option Profile 3 Result 3 Scan n Result n Option Profile n Result n Manual Data World Auto Data World Report Templates Reports Normalize Database Stored in report center for 7 days + Encrypted PDF distribution lists

C O M P A N Y C O N F I D E N T I A L 4 API frameworks  Two API frameworks:  V1 – legacy  V2 introduced better scalability and two authentication schemes (session based and basic)  V2 api allow to pull automatic data in XML for external usage. Ex: import in a local database  Documentation: API user guide available through resources section in the UI. Quick reference guide will be available soon.

C O M P A N Y C O N F I D E N T I A L 5 API: leverage auto vuln data  First option: full download every time  Second option: 2 steps process to enhance scalability  1 st : initial import. Get all the vuln data  2 nd : on a regular basis, download only what changed.  Define a report template in UI and get the template ID  Use trend and analysis for a given period (1 day, 1 week, 1 month)  Use filter capabilities to get what you need.  Recommended filter: all vulnerabilities with status NEW – FIXED – REOPEN; Ignore ACTIVE  Use API v2 to run execute the report on the Qualys’ report servers. USE SAME FREQUENCY THAN THE PERIOD DEFINED IN THE REPORT TEMPLATE.  Targets of the report template (Asset groups or IP ranges) can be overridden at execution time  one template for many usage

C O M P A N Y C O N F I D E N T I A L 6 Reporting  Using a database populated with CSV or XML results pulled from QualysGuard using API v2 for automatic vulnerability data  Usage of a reporting framework.  First suggestion: zoho report from zoho.com   Business intelligence in your browser  Second suggestion: BIRT plugin for Eclipse   “BIRT is an open source Eclipse-based reporting system that integrates with your Java/J2EE application to produce compelling reports.”  require a Java/J2EE environment.

C O M P A N Y C O N F I D E N T I A L 7 Reporting – zoho report example

C O M P A N Y C O N F I D E N T I A L 8 Going forward  Define a DB structure for vuln including status (new – active – fixed – reopened)  Define a DB structure for the assets – asset groups

Questions? Thank you!