Metadata-Version: 2.4
Name: qualys-mcp
Version: 2.1.3
Summary: MCP server for Qualys security APIs - natural language interaction with vulnerability, asset, and cloud security data
Project-URL: Homepage, https://github.com/nelssec/qualys-mcp
Project-URL: Repository, https://github.com/nelssec/qualys-mcp
Project-URL: Issues, https://github.com/nelssec/qualys-mcp/issues
Author-email: Andrew Nelson <andrew@nelssec.com>
License-Expression: MIT
License-File: LICENSE
Keywords: ai,claude,mcp,qualys,security,vmdr,vulnerability
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Requires-Python: >=3.9
Requires-Dist: fastmcp>=0.1.0
Description-Content-Type: text/markdown

# Qualys MCP Server

A lightweight MCP server for Qualys security data - **12 tools** that answer your security questions.

## Claude Desktop Config

Add to `~/Library/Application Support/Claude/claude_desktop_config.json`:

```json
{
  "mcpServers": {
    "qualys": {
      "command": "uvx",
      "args": ["qualys-mcp"],
      "env": {
        "QUALYS_USERNAME": "your-username",
        "QUALYS_PASSWORD": "your-password",
        "QUALYS_BASE_URL": "https://qualysapi.qualys.com",
        "QUALYS_GATEWAY_URL": "https://gateway.qg1.apps.qualys.com"
      }
    }
  }
}
```

Requires [uv](https://docs.astral.sh/uv/): `brew install uv` or `curl -LsSf https://astral.sh/uv/install.sh | sh`

## Alternative Installation

```bash
# Install globally
pip install qualys-mcp

# Run directly
export QUALYS_USERNAME="your-username"
export QUALYS_PASSWORD="your-password"
export QUALYS_BASE_URL="https://qualysapi.qualys.com"
export QUALYS_GATEWAY_URL="https://gateway.qg1.apps.qualys.com"
qualys-mcp
```

## Tools

| Tool | Question it answers |
|------|---------------------|
| `get_weekly_priorities` | What should my team fix this week? |
| `investigate_cve` | Are we affected by CVE-XXXX? |
| `get_security_posture` | How secure are we overall? |
| `get_patch_status` | What's our patching coverage? |
| `get_compliance_gaps` | What will fail our audit? |
| `get_cloud_risk` | What's our cloud security posture? |
| `get_asset_risk` | Why is this asset risky? |
| `get_tech_debt` | How do we reduce EOL software? |
| `get_image_vulns` | What vulns are in this container image? |
| `get_expiring_certs` | What certificates expire soon? |
| `get_threats` | What threats have we detected? |
| `get_webapp_vulns` | What web app vulns exist? |

## Qualys PODs

| POD | BASE_URL | GATEWAY_URL |
|-----|----------|-------------|
| US1 | qualysapi.qualys.com | gateway.qg1.apps.qualys.com |
| US2 | qualysapi.qg2.apps.qualys.com | gateway.qg2.apps.qualys.com |
| US3 | qualysapi.qg3.apps.qualys.com | gateway.qg3.apps.qualys.com |
| EU1 | qualysapi.qualys.eu | gateway.qg1.apps.qualys.eu |
| EU2 | qualysapi.qg2.apps.qualys.eu | gateway.qg2.apps.qualys.eu |

## License

MIT - Copyright (c) 2025 Andrew Nelson
