Skip navigation

API Notification

Dear API Users,

A new update of QualysGuard®, version 6.18, will be available in production in approximately 30 days. This release is completely transparent to users and will require no scheduled downtime.


QualysGuard 6.18 includes a number of API enhancements. This notification provides an early preview of these API enhancements, allowing you to make any changes to automated scripts or code that utilize the following APIs:

Authentication API Updates for SNMPv2c and SNMPv3

For QualysGuard 6.18 updates were made to the SNMP scan authentication API to add support for SNMPv2c and SNMPv3. Users can now create and update authentication records for these newly supported SNMP versions. SNMP records created prior to this release are set to SNMPv1 by default.


The /api/2.0/fo/auth/snmp resource is used to manage SNMP authentication records. For this release changes were made to input parameters used to add or edit an SNMP record (action=create and action=update) and the SNMP authentication list DTD (auth_snmp_list_output.dtd).

PCI Flag Added to Asset Data Report

For QualysGuard 6.18 updates were made to the XML output for QualysGuard reports to reflect the PCI status for each vulnerability listed. A PCI flag value of “1” indicates that the vulnerability must be fixed to pass a PCI compliance scan. This information is shown in the <PCI_FLAG> element in the Asset Data Report DTD (asset_data_report.dtd).

Map Title Added to Map Report List

For QualysGuard 6.18 updates were made to the map report list API to include the title of the map report. This information is shown in the <TITLE> element in the Map report list DTD (map_report_list.dtd).

Compliance Policy Report XML

For QualysGuard 6.18 improvements were made to the policy editor and policy reporting. Updates were made to the compliance policy report XML & DTD (compliance_policy_report.dtd). The policy report XML is returned when you download a saved policy report using the Report Share API or the QualysGuard user interface.

Compliance Posture Information Output XML

For QualysGuard 6.18 improvements were made to the policy editor and policy reporting. Updates were made to the compliance posture information output XML & DTD (posture_info_list_output.dtd). The compliance posture information output XML is returned from an API request for compliance policy posture information.


Full details regarding these XML changes are available within the Qualys community at:


API release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 6.18, please visit the Qualys Community at or contact your Technical Account Manager or Qualys' Technical Support Department at


We thank you for your continued support and look forward to continuously improving our services.


Qualys Customer Advocacy Group

Dear Customers-


A new update of QualysGuard® version 6.17 will be available in production on Monday, February 7th 2011 for the US platform, and on later on this month for the EU platform. For additional information, please check the US release notification and the EU release notification.


Please, remember that you can receive these QualysGuard Release Notifications using this self-subscription page:


QualysGuard 6.17 includes the following API enhancements:

  • New QualysGuard Detection API

QualysGuard 6.17 includes a new “detection” extension to the version 2 API that is available via following URL:  This gives API users the ability to obtain the most current vulnerability data (“automatic” data) associated to host assets in a XML format that can be easily imported into third party solutions.  The detection API is a recommended replacement for other existing API calls such as “asset_range_info.php”, “asset_data_report.php”, “asset_search.php” and “get_host_info.php”.

Additional details about the new detection API, including examples and typical uses cases are available here:

  • New Virtual Patch Information

With QualysGuard 6.17 new virtual patch information is correlated with vulnerabilities when this information is available from Trend Micro. When virtual patch information is correlated with a vulnerability, one or more virtual patches from Trend Micro appear in the Solution section under the solution description provided by Qualys.

The <SOLUTION> element in the XML output describes the recommended solution for fixing each vulnerability detected by the service. One or more virtual patches will be included, when available from Trend Micro for the following API calls:

    • scan.php
    • scan_report.php
    • asset_range_info.php
    • asset_data_report.php
    • get_host_info.php
    • get_tickets.php
    • ticket_list.php
    • knowledgebase_download.php


  • New OS Pattern Filter for Host API

The new input parameter “os_pattern” for the host API (with the /api/2.0/fo/asset/host API endpoint) allows the user to filter hosts for processing based on a Perl-style regular expression. The “os_pattern” parameter is supported for both a host list request (action=list) and for a host purge request (action=purge).

The existing input parameters continue to be available, as described in the QualysGuard API documentation. Please see the QualysGuard API V2 User Guide, Chapter 5 for complete information using the host API to view a host list and purge hosts.


  • Support for Cisco IOS Authentication

This release introduces a new authentication type: Cisco IOS. Cisco IOS authentication allows users to perform authenticated scans of Cisco IOS devices that support the SSH protocol (SSH1 and SSH2) and telnet. For compliance scans, successful authentication to target hosts is required.

Cisco IOS authentication must be performed with superuser (root) privileges. The user account provided for authentication must be able to execute the following commands:

    1. “show version” to identify the version of the Cisco IOS device
    2. “show logging” to gather logging configuration information
    3. “show running-config” (from the “enable” shell) to gather current system configuration settings.

The /api/2.0/fo/auth/unix resource allows you to manage Unix and Cisco IOS authentication records. You can submit API requests to view Unix authentication records, add new records, update records and delete records.

Important Note: One IP address in the user’s account can be added to one Cisco IOS record or one Unix record.


Full API release notes will be available to download from within the Resources section of your QualysGuard account. If you have any question, please let us know.




Eric Perraudeau

Product Manager for API and Integrations

+1 650 801 7750

Filter Blog

By date: By tag: