Run security scans and create reports without leaving Slack. Team members use a simple Slack shortcut to launch a scan or request a report. IT and security teams get faster results and fewer manual steps.

Incoming Slack events hit an n8n webhook, then a Set node parses the payload so the data is easy to work with. A Switch node routes the request. n8n replies to Slack right away, then opens the right modal with HTTP calls to Slack views.open. After a user submits the form, the flow closes the modal, maps fields into clean variables, and calls sub workflows to start a vulnerability scan or generate a report in Qualys. Status messages and outputs flow back into Slack as configured in the sub workflows.

Setup requires a Slack app with Events and Interactivity, plus a Qualys account with API access. Expect scan kickoff time to drop from minutes to seconds, with fewer errors due to required fields in modals. Common uses include on demand asset scans during incidents and quick PDF report requests for audits. Follow the steps to connect Slack credentials in n8n, point the webhook URL in Slack, and update channel targets in the sub workflows.

• Webhook intake from Slack Events to start the flow on every interaction
• Payload parsing with a Set node to extract body.payload into a clean object
• Smart routing with Switch nodes to open a scan modal or a report modal
• Slack modals opened via HTTP requests to views.open using Slack credentials
• Immediate replies to Slack using Respond to Webhook nodes to avoid timeouts
• Close modal action after submission to keep the Slack UI clean
• Field mapping with Set nodes for scan and report variables including platform URL
• Execute Workflow calls that start scans and create reports in Qualys sub workflows

• Reduce scan kickoff time from 30 minutes to 2 minutes by launching from Slack
• Streamline request routing by 70 percent with guided modals
• Improve input accuracy by 90 percent using required fields
• Connect Slack and Qualys so teams avoid context switching
• Support many concurrent requests with event based handling

1. Import the template into n8n: Create a new workflow in n8n > Click the three dots menu > Select 'Import from File' > Choose the downloaded JSON file.
2. You'll need accounts with Slack and Qualys. See the Tools Required section above for links to create accounts with these services.
3. In your Slack app settings, enable Event Subscriptions and Interactivity. Set the Request URL to the Webhook node URL from n8n and save changes after Slack verifies it.
4. In Slack, add permissions for views write and commands, plus chat write if your sub workflows post messages. Reinstall the app to your workspace to apply scopes.
5. In n8n, open the HTTP Request nodes named Vuln Scan Modal and Scan Report Task Modal. In the credential dropdown, click Create new credential for Slack, then follow the on screen steps.
6. Open the Set node Required Scan Variables and confirm the platform URL matches your Qualys environment. Update other defaults as needed.
7. Check the Execute Workflow nodes for scan and report. Make sure the referenced sub workflows exist in your n8n and are enabled.
8. In the sub workflows, update any Slack channel fields as noted so results post to the right channels.
9. In Qualys, confirm API access for your user. If using an API key or token in sub workflows, create credentials in n8n Credentials and link them there.
10. Test the Slack shortcut or slash command. A modal should open. Submit the form and watch n8n Executions to confirm the route and the sub workflow run.
11. If modals do not open, verify the Slack app has views write scope and the HTTP Request nodes use the correct Slack credential. If Slack times out, make sure Respond to Webhook nodes fire before long actions.
12. Once verified, share the Slack shortcut with the team and set basic channel rules for who can launch scans.