A new release of Qualys WAS, Version 3.6 which includes new APIs, is targeted for release in late September.
This API notification provides an early preview into the coming API additions in Qualys WAS 3.6, allowing you to identify new opportunities to automate your Qualys service or to integrate with other applications. Qualys WAS 3.6 includes some modifications to existing APIs that required 30 day notification that can be viewed here QualysGuard WAS 3.6 API Release Notification.
Full release notes will be available to customers on the day of the release.
New Findings API
The new Findings API (<baseURL>/qps/rest/3.0/<operation>/was/finding) lets you manage the findings (detections) returned from your web application scans. This provides organizations with an easy way to integrate with an organizations trouble ticketing system that may want to track the status of vulnerabilities. It also provides a way to automate taking actions to ignore or activate vulnerabilities based on events from external systems such as risk management or bug tracking applications.
The API developer guide that includes examples and detailed instructions will be available on the date of the release. These operations are available:
New Option Profile API
The new Option Profile API (<baseURL>/qps/rest/3.0/<operation>/was/optionprofile) lets you manage option profiles and customize the various scanning options. The Option Profile API enables automation and integration with the Qualys WAS Option Profile used for scanning. Option profiles can be created dynamically via API scripts or via integration with external systems. The API developer guide that includes examples and detailed instructions will be available on the date of the release.
These operations are available:
What is the <baseurl>?
This is the API server URL where your QualysGuard account is located. For an account on US Platform 1, this is <qualysapi.qualys.com>; on US Platform 2, this is <qualysapi.qg2.apps.qualys.com>; on EU Platform, this is <qualysapi.qualys.eu>.