Tim White

Qualys Cloud Suite 8.5 API Release Notification

Blog Post created by Tim White on Jun 10, 2015

A new release of Qualys Cloud Suite, Version 8.5, includes an API update which is targeted for release in July 2015.


This API notification provides an early preview into the coming API changes in Qualys 8.5, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.


This release includes five features with changes to XML and CSV output which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.


For details about the changes, please see the attached detailed release notification below.  Full release notes will be available to customers on the day of the release.


Summary of Changes:

Improvements for Managing Excluded IP's - The Excluded IP API v2 (/api/2.0/fo/asset/excluded_ip/) has been updated to 1) allow users to remove all IPs from the list, 2) allow users to set an expiration date when adding IPs to the list, and 2) show expiration dates in the list output.   There are several new API requests and related XML output as well as a change to the IP list output DTD (/api/2.0/fo/asset/excluded_ip/ip_list_output.dtd).


Reporting for Vulnerabilities on Non-running Kernels - With this release users can create reports that show non-running kernels in the vulnerability details. This way you can identify vulnerabilities found on a kernel that is not the active running kernel.  We’ve updated the DTDs for the following reports: Asset Data Report, Vulnerability Scorecard Report, Ignored Vulnerabilities Report, Most Prevalent Vulnerabilities Report, Most Prevalent Hosts Report, Scorecard Patch Report.


PC - New Tomcat Server Authentication API - The new Tomcat Server Authentication API (/api/2.0/fo/auth/tomcat/) lets you to list, create, update and delete Tomcat Server authentication records.


PC - Make Policies Active or Inactive - Each policy in your account will now have a status of Active or Inactive. Your policies are active by default but you can choose to deactivate them, making them unavailable for scanning and reporting. For example, you may want to deactivate a policy that has become out of date. After updating the policy you can make it active again.   We added the policy status to the XML output returned by the Compliance Policy List API v2 (/api/2.0/fo/compliance/policy/?action=list) and updated the related DTDs (/api/2.0/fo/compliance/policy/policy_list_output.dtd,  /api/2.0/fo/compliance/policy/policy_export_output.dtd).


SCAP - Evidence added to SCAP Policy CSV Reports - Your SCAP policy reports in CSV format will now show evidence for each rule in your policy. Each rule is listed with the posture for the selected host. By reviewing the evidence you can determine why a rule passed or failed. The evidence content for a rule includes nodes (definitions and test sections) that represent the logic of the rule and the scan tests performed on the host.