1. Go to Qualys and login with your NetID
2. Click on the User tab
   
   
   
   
3. Click on the "Search" button
   
   
   
   
4. Put the requester's name in the "Name" field. Then click "Search"
   
   
   
   
5. Find the user in the list. The user that you just selected should turn yellow. Click on the down arrow to open the "Quick Action" menu and select "Edit"
   
   
   
   
6. In the "User Role" tab set/update the following fields
   
   • Business Unit: Requester's UDDS. You can find this by looking the requester up in the NetID tool if the requester did not provide their UDDS.
   • CHECK the checkbox for "Transfer personal configurations"
   • UNCHECK the checkbox for "Transfer Asset Groups"
   
   
   
   
   
7. In the User Status tab make sure the "Deactive this user" is UNCHECKED
   
   
   
   
8. Click "Save"
   
   
   
   
9. Click on the "Module" drop down. Scroll to the bottom and click on "Administration"
   
   
   
   
10. Find the user by typing in "First" and chosing the "First Name" option and hitting Enter. Then put in the user's first name that you just created.
    
    
    
    
11. Find the user in the list below. Highlight the user by clicking on the user's name. Use the Quick Action menu and select "Edit"
    
    
    
    
12. Navigate to the Roles And Scopes tab make sure "Assigned roles" have the following role
    
    • 10 - UW Unit Manager
    
    
    
    
    
13. In the "Edit Scope" section, remove all existing BLUE tags or tags that ends with the letters "-CA" and GREEN tags or tags that ends with the letters "-WebApp" by clicking on the "X" next to the tag
    
    
    
    
14. In the "Edit Scope" section, click on "Select." In the search box type in the A#### of the Business Unit to search. IF there is a BLUE tag or a tag that ends in "-CA" and matches the Business Unit then click on the tag.
    
    
    
    
15. Hit Save!
    
    
    
    
16. Send a Cybersecurity Formatted email via WiscIT by either responding to the WiscIT incident or creating a new incident if there is no existing WiscIT incident
    • Subject: Qualys Account Permission Update
    • Service: Vulnerability Management
    • Category: Qualys
    • Subcategory: Submit Incident
    • Requestor: Requester's Name
    • Description and Body of Email:
      

      Hello {first_name},
      
      Thank you for reaching out to the Office of Cybersecurity. Your permissions have been updated in Qualys and you should now be able to access your assets. Please log out of Qualys, clear the cache and log in again.
      
      {Your Name Here}
      Office of Cybersecurity
      

FAQ

• The requester's UDDS does not exist in the drop-down
  Please escalate the WiscIT incident to Security-Tools team.