Which integrations are available for this server?

Provides tools for investigating CVEs, assessing risk, checking compliance, planning remediation, and generating reports on the Qualys vulnerability management platform.

How do I use Qualys MCP Server?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@Qualys MCP Server investigate CVE-2024-1234" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

Qualys MCP Server by bhayanak

Overview

A TypeScript MCP server that gives AI assistants (Claude, GitHub Copilot, Cursor) access to the Qualys platform. Investigate CVEs, assess risk, check compliance, plan remediation, and generate reports — all through natural language.

Capabilities

Category	What the AI Can Do
Investigation	Deep-dive any CVE, threat actor, host, IP, or free-text topic
Risk Assessment	Cross-domain risk: VMs, cloud (AWS/Azure/GCP), web apps, certificates
Compliance	PCI, HIPAA, CIS, NIST, SOC2 posture checking
Remediation	Patch priorities, deployment status, mitigation coverage
Security Overview	Daily/weekly/monthly security briefing
Reports	Generate, list, download Qualys reports

Related MCP server: DocSentinel

Packages

Package	Description
`qualys-mcp-server`	Standalone MCP server (npm, CLI)
`qualys-mcp-vscode-extension`	VS Code extension with auto-registration

Quick Start

Option 1: VS Code Extension

Install extension from visual studio marketplace
Configure settings: Cmd+, → search "Qualys MCP"
Set username, password, and POD
The server appears automatically in the MCP Servers panel

Option 2: Standalone (Claude Desktop, Cursor)

npx qualys-mcp-server

Or add to your MCP config:

{
  "mcpServers": {
    "qualys": {
      "command": "npx",
      "args": ["-y", "qualys-mcp-server"],
      "env": {
        "QUALYS_MCP_USERNAME": "your-username",
        "QUALYS_MCP_PASSWORD": "your-password",
        "QUALYS_MCP_POD": "US1"
      }
    }
  }
}

Tools

Tool	Description
`qualys_investigate`	Deep-dive CVE, host, IP, or threat actor
`qualys_assess_risk`	Cross-domain risk assessment
`qualys_check_compliance`	Compliance posture for PCI/HIPAA/CIS/NIST/SOC2
`qualys_plan_remediation`	Patch priorities and mitigation planning
`qualys_security_overview`	Security briefing (daily/weekly/monthly)
`qualys_reports`	Report management (list/generate/download/status)
`qualys_cache_status`	View and clear API response cache

Development

pnpm install
pnpm run ci       # typecheck + lint + format + test:coverage
pnpm run build    # Build all packages
pnpm run package  # Build VSIX

License

MIT

This server cannot be installed

A

license - permissive license

-

quality - not tested

C

maintenance

How are these scores calculated?

Maintenance

–Maintainers

–Response time

–Release cycle

–Releases (12mo)

Commit activity

Resources

GitHub Repository

Need Help?

Related Servers

Qualys MCP Server