Importing Qualys Web Application Scans

NOTE: This import applies to Qualys scanning products. For more information about importing Nessus or other vulnerability scanning product scans, head here.

Importing a Scan with a New Mapping 

Navigate to Vulnerabilities via the left navigation panel. 

Select Import Vulnerabilities at the top right. 

Select Choose a File from the pop-up modal. Ensure the uploaded file is in CSV format upon upload. Max file size is 30MB. If your file size is bigger, consider breaking it down into multiple files for import.

Here is an example of a Qualys upload CSV file. The CVS file uploaded into the tool should match the example file. When a QID is mapped to the Source ID 6clicks field, our system will derive the vulnerability details referencing the Glossary section in the import file using the QID. When uploading the Qualys WAS scan, ensure the Results table containing the QID and the Glossary table are in the import file.

Once the file has been uploaded. On the right side of the modal select Create New Mapping.

Select Qualys. 

Select WAS Scan. 

Select Create New Mapping. 

Next, you'll need to map the source fields with an existing 6clicks Field or create a New Field.  The mandatory and recommended 6clicks fields to be mapped are:


  • Title (6clicks field) must be mapped to Name (import file field). 
  • Host IP (6clicks field) must be mapped to Host (import file field); OR
  • URL (6clicks field) must be mapped to URL (import file field).


  • Source ID (6clicks field) mapped to QID (import file field). When a source ID is mapped, our system references the source ID for comparing and updating the vulnerability records of the respective asset upon import. If not mapped, the system references the Title for comparison and updates.
  • Port (import file field) mapped to Port (6clicks field). Because the scanned asset could have multiple ports, the same vulnerability for the asset may appear over multiple lines for each port. Mapping the ports allows 6clicks to consolidate all the ports into one asset and vulnerability.

Mapping Severity Fields

Different tools have different names for the severity rating of a vulnerability. 6clicks uses a common naming convention as per NIST. The default severity ratings are:

  1. None
  2. Low
  3. Medium
  4. High
  5. Critical

To correctly map the import file severity rating to the 6clicks default ratings, ensure you map the Severity header in the import file to the Severity 6clicks property.

Once you have completed the mapping process for all properties, click Next

If you have mapped the severity ratings, you will be shown the Severity Mapping screen. Here you can map the values in your import file to the 6clicks default values. Below is an example where the import file used a 1-5 to indicate severity. Sometimes, your file may not include all severity values, so you will need to create them in the left column of fields. This is important for future scan imports where the severity rating does appear.

Once the scan has been imported successfully, a message will appear. Click View Summary to view the imported scan. 

The imported scan will show under the Imported Scans tab. 

The list of vulnerabilities will be found under the Vulnerabilities tab.

Newly created mapping details can be found under the Scan Mappings tab.

Importing a Scan with an Existing Mapping

The importing of the excel file is the same as shown above. Once the file has been imported, select an existing scan from the list, then select Import. 

Once the scan has been imported successfully, a message will appear. Click View Summary to view the imported scan. 

The imported scan will show under the Imported Scans tab.