
A new release of Qualys Cloud Suite, Version 8.6, which includes an API update, is targeted for release in October 2015.

 

This API notification provides an early preview into the coming API changes in Qualys 8.6, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes six features with changes to XML, CSV output, and/or DTD which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.  Full release notes will be available to customers on the day of the release.

 

Summary of Changes:

Select Scanner Appliances using Asset Tags - With this release you can use asset tags to select scanner appliances for your scans.  The related scan and schedule API v2 (/api/2.0/fo/scan/, /api/2.0/fo/schedule/scan/, /api/2.0/fo/appliance/) have been updated to support this new feature.  There are several new API requests and related XML output as well as a change to the appliance list output DTD (appliance_list_output.dtd).

 

Appliance List Output - Running Slices Count added - We’ve updated the appliance list output to tell you if an appliance is available or busy.  The Appliance API v2 (/api/2.0/fo/appliance/) has been updated along with related XML output.  A new section has been added to the Appliance List Output DTD (appliance_list_output.dtd).

 

User List Output - Timezone Code added - The User List v1 API (/msp/user_list.php) lets you view the users in the subscription. The user list output now includes the timezone code selected for each user - either the browser’s timezone (Auto) or a user-selected timezone (e.g., US-NY). The XML output and User List Output DTD (user_list_output.dtd) have been updated.

 

Scan List Output - Target No Longer Truncated - We will now show the full list of target IPs in the output when you make a scan list request.  The Scan API v2 (/api/2.0/fo/scan/) and related XML output have been updated.

 

VM - Download the KnowledgeBase to CSV, XML - You can download the KnowledgeBase in the same way you download other data lists from the UI.  The output is provided in CSV or XML.

 

PC - Display reference information in reports - With this release you can view the Reference information for controls in Policy Compliance and Compliance Interactive reports. The XML output and several DTDs have updates (individual_host_compliance_report.dtd, control_pass_fail_report.dtd).


A new release of Qualys WAS, Version 4.3, which includes API updates, is targeted for release in October. The specific day will differ depending on the platform.  See platform release dates for more information.  The updated APIs for WAS 4.3 enhance the ability to fully automate and integrate the Qualys WAS solution with other customer applications.  WAS APIs enable customers to perform all the major functions within WAS, including creating web applications to scan, launching and scheduling scans, and running and retrieving reports.  The APIs enable custom integrations with GRC tools, bug tracking systems and web application firewalls (WAFs), to name just a few.

 

 

This API notification provides an early preview into the coming API changes in Qualys WAS 4.3, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.


 

API Enhancements

 

Scan Status Enhancements


We’ve improved scan status reporting to make the outcome of a scan easier to understand. Enhancements include:

 

“Time Limit Exceeded” has been changed to "Time Limit Reached"

The status “Time Limit Exceeded” is no longer used.


Updated Status “No Web Service Detected”

We will now report this status when QID 150111 is reported in the scan results (element WEB_SITE/IGS/IG/QID).


New Status “Service Errors Detected”

This new status tells you the scan stopped before completion due to service errors related to timeouts during the scan, for example exceeding connection timeouts/error threshold.


New Status “Scan Internal Error”

This new status tells you the scan encountered an unexpected and unrecoverable error, which forced it to stop assessment.

 

 

Scan API

 

Updated XSD: scan.xsd/wasscan.xsd

 

New filters for Scan COUNT, Scan SEARCH

 

Include scans with the new statuses by using the resultsStatus filter.

 

New values for resultsStatus

TIME_LIMIT_REACHED - Include scans with scan status “Time Limit Reached”. Previous filter TIME_LIMIT_EXCEEDED is no longer valid.

SERVICE_ERROR - Include scans with scan status “Service Errors Detected”.

SCAN_INTERNAL_ERROR - Include scans with scan status “Scan Internal Error”.

 


Sample for Scan COUNT

API request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-  "https://qualysapi.qualys.com/qps/rest/3.0/count/was/wasscan" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

  <filters>

      <Criteria field="resultsStatus" operator="IN">SERVICE_ERROR, SCAN_INTERNAL_ERROR</Criteria>

  </filters>

</ServiceRequest>

 

Response:

 

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">

    <responseCode>SUCCESS</responseCode>

    <count>38</count>

</ServiceResponse>

 

Updated response from Scan SEARCH, Scan GET

 

The resultsStatus element in the XML output now reports one of the new scan status values as appropriate: TIME_LIMIT_REACHED, SERVICE_ERROR, SCAN_INTERNAL_ERROR.

 

Sample for Scan SEARCH

 

Request POST data:

 

<ServiceRequest>

  <filters>

      <Criteria field="resultsStatus" operator="IN">SERVICE_ERROR, SCAN_INTERNAL_ERROR, TIME_LIMIT_REACHED</Criteria>

      <Criteria field="id" operator="IN">1352324,1327378,1353021</Criteria>

  </filters>

</ServiceRequest>

 

Response:

 

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">

  <responseCode>SUCCESS</responseCode>

  <count>3</count>

  <hasMoreRecords>false</hasMoreRecords>

  <data>

    <WasScan>

      <id>1327378</id>

      <name><![CDATA[TLE Test]]></name>

      <reference>was/1438303380031.1842885</reference>

      <type>VULNERABILITY</type>

      <mode>ONDEMAND</mode>

      <multi>false</multi>

      <target>

        <webApp>

          <id>1901948</id>

          <name><![CDATA[My Web App WAF]]></name>

          <url><![CDATA[http://10.10.26.238/waf]]></url>

        </webApp>

        <scannerAppliance>

          <type>EXTERNAL</type>

        </scannerAppliance>

        <cancelOption>SPECIFIC</cancelOption>

      </target>

      <profile>

        <id>69923</id>

        <name><![CDATA[My Profile 23]]></name>

      </profile>

      <launchedDate>2015-07-31T00:43:00Z</launchedDate>

      <launchedBy>

        <id>4354</id>

        <username>acme_ab1</username>

        <firstName><![CDATA[John]]></firstName>

        <lastName><![CDATA[Smith]]></lastName>

      </launchedBy>

      <status>FINISHED</status>

      <summary>

        <crawlDuration>141</crawlDuration>

        <testDuration>47</testDuration>

        <linksCrawled>30</linksCrawled>

        <nbRequests>3466</nbRequests>

        <resultsStatus>TIME_LIMIT_REACHED</resultsStatus>

        <authStatus>NONE</authStatus>

        <os>Linux 2.4-2.6 / Embedded Device / F5 Networks Big-IP</os>

      </summary>

    </WasScan>

    <WasScan>

      <id>1352324</id>

      <name><![CDATA[Schedule proxy Internal - Proxy out of scope to subuser]]></name>

      <reference>was/1441617604130.1847313</reference>

      <type>VULNERABILITY</type>

      <mode>SCHEDULED</mode>

      <multi>false</multi>

      <target>

        <webApp>

          <id>2309688</id>

          <name><![CDATA[My Web App BOQ]]></name>

          <url><![CDATA[http://10.10.26.238/boq/]]></url>

        </webApp>

        <scannerAppliance>

          <type>INTERNAL</type>

          <friendlyName><![CDATA[acme_sa1]]></friendlyName>

        </scannerAppliance>

        <proxy>

          <id>1425</id>

          <name><![CDATA[My Proxy]]></name>

          <url><![CDATA[http://10.10.10.11]]></url>

        </proxy>

      </target>

      <profile>

        <id>270541</id>

        <name><![CDATA[My Profile 41]]></name>

      </profile>

      <launchedDate>2015-09-07T09:20:04Z</launchedDate>

      <launchedBy>

        <id>4355</id>

        <username>qualys_ag2</username>

        <firstName><![CDATA[Alan]]></firstName>

        <lastName><![CDATA[Green]]></lastName>

      </launchedBy>

      <status>FINISHED</status>

      <summary>

        <crawlDuration>774</crawlDuration>

        <testDuration>4</testDuration>

        <linksCrawled>300</linksCrawled>

        <nbRequests>2785</nbRequests>

        <resultsStatus>SERVICE_ERROR</resultsStatus>

        <authStatus>NONE</authStatus>

        <os>Linux 2.4-2.6 / Embedded Device / F5 Networks Big-IP</os>

      </summary>

    </WasScan>

    <WasScan>

      <id>1353021</id>

      <name><![CDATA[Sched Vulnerability Scan - 2.7.0.10 WA - 2015-Mar-09]]></name>

      <reference>was/1441488303443.1847104</reference>

      <type>VULNERABILITY</type>

      <mode>SCHEDULED</mode>

      <multi>false</multi>

      <target>

        <webApp>

          <id>2284474</id>

          <name><![CDATA[My Web App 238]]></name>

          <url><![CDATA[http://10.10.26.238]]></url>

        </webApp>

        <scannerAppliance>

          <type>EXTERNAL</type>

        </scannerAppliance>

      </target>

      <profile>

        <id>139359</id>

        <name><![CDATA[My Profile 59]]></name>

      </profile>

      <launchedDate>2015-09-05T21:25:03Z</launchedDate>

      <launchedBy>

        <id>4354</id>

        <username>acme_ag2</username>

        <firstName><![CDATA[Alan]]></firstName>

        <lastName><![CDATA[Green]]></lastName>

      </launchedBy>

      <status>FINISHED</status>

      <summary>

        <resultsStatus>SCAN_INTERNAL_ERROR</resultsStatus>

        <authStatus>NONE</authStatus>

      </summary>

    </WasScan>

  </data>

</ServiceResponse>
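
The two adjustments this change asks of an integration, as an added Python example that is not Qualys code: rewriting the retired TIME_LIMIT_EXCEEDED filter value in stored request XML, and listing scans whose resultsStatus shows they stopped before completion. The function names, the trimmed sample XML, and the SUCCESSFUL status value are assumptions not taken from this page.

```python
import xml.etree.ElementTree as ET

# Values named in this notification. The rename is the change that breaks old filters.
RENAMED = {"TIME_LIMIT_EXCEEDED": "TIME_LIMIT_REACHED"}
INCOMPLETE = {"TIME_LIMIT_REACHED", "SERVICE_ERROR", "SCAN_INTERNAL_ERROR"}


def migrate_filter(request_xml):
    """Rewrite retired resultsStatus values in a ServiceRequest; return (xml, changed)."""
    root = ET.fromstring(request_xml)
    changed = False
    for crit in root.iter("Criteria"):
        if crit.get("field") != "resultsStatus":
            continue
        values = [v.strip() for v in (crit.text or "").split(",") if v.strip()]
        # Map old names to new ones, dropping duplicates but keeping order.
        new = list(dict.fromkeys(RENAMED.get(v, v) for v in values))
        if new != values:
            crit.text = ", ".join(new)
            changed = True
    return ET.tostring(root, encoding="unicode"), changed


def incomplete_scans(response_xml):
    """Return [(scan id, resultsStatus)] for scans that stopped before completion."""
    root = ET.fromstring(response_xml)
    if root.findtext("responseCode") != "SUCCESS":
        raise ValueError("API call failed: %s" % root.findtext("responseCode"))
    hits = []
    for scan in root.iter("WasScan"):
        status = scan.findtext("summary/resultsStatus")
        status = RENAMED.get(status, status)  # assumption: archived output may hold the old name
        if status in INCOMPLETE:
            hits.append((scan.findtext("id"), status))
    return hits


# Constructed sample inputs, trimmed to the fields used above.
OLD_REQUEST = """<ServiceRequest><filters>
  <Criteria field="resultsStatus" operator="IN">TIME_LIMIT_EXCEEDED, SERVICE_ERROR</Criteria>
</filters></ServiceRequest>"""
RESPONSE = """<ServiceResponse><responseCode>SUCCESS</responseCode><data>
  <WasScan><id>1327378</id><status>FINISHED</status>
    <summary><resultsStatus>TIME_LIMIT_REACHED</resultsStatus></summary></WasScan>
  <WasScan><id>1000001</id><status>FINISHED</status>
    <summary><resultsStatus>SUCCESSFUL</resultsStatus></summary></WasScan>
</data></ServiceResponse>"""

if __name__ == "__main__":
    print(migrate_filter(OLD_REQUEST))
    print(incomplete_scans(RESPONSE))
```

Note that status is FINISHED for every scan in the sample output, so coverage checks should key on summary/resultsStatus rather than on status.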

 

Sample for Scan GET Output (for SCAN_INTERNAL_ERROR)

 

Response:

 

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/scan.xsd">

  <responseCode>SUCCESS</responseCode>

  <count>1</count>

  <data>

    <WasScan>

      <id>1353021</id>

      <name><![CDATA[Sched Vulnerability Scan - 2.7.0.10 WA - 2015-Mar-09]]></name>

      <reference>was/1441488303443.1847104</reference>

      <type>VULNERABILITY</type>

      <mode>SCHEDULED</mode>

      <progressiveScanning>true</progressiveScanning>

      <multi>false</multi>

      <target>

        <webApp>

          <id>2284474</id>

          <name><![CDATA[My Web App 238]]></name>

          <url><![CDATA[http://10.10.26.238]]></url>

        </webApp>

        <scannerAppliance>

          <type>EXTERNAL</type>

        </scannerAppliance>

      </target>

      <profile>

        <id>139359</id>

        <name><![CDATA[My Profile 59]]></name>

      </profile>

      <options>

        <count>14</count>

        <list>

          <WasScanOption>

            <name>Web Application Authentication Record Name</name>

            <value><![CDATA[None]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Sensitive Content: Credit Card Numbers</name>

            <value><![CDATA[false]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Performance Settings</name>

            <value><![CDATA[LOW]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Scanner Appliance</name>

            <value><![CDATA[External (IP: 10.10.21.160, Scanner: 7.14.37-1, WAS: 3.9.50-1, Signatures: 2.3.30-1)]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Detection Scope</name>

            <value><![CDATA[COMPLETE]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Crawling Form Submissions</name>

            <value><![CDATA[BOTH]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Bruteforce Settings</name>

            <value><![CDATA[EXHAUSTIVE]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Option Profile Name</name>

            <value><![CDATA[10 Links edit]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Maximum Crawling Links</name>

            <value><![CDATA[10]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Web Application Name</name>

            <value><![CDATA[My Web App]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Request Parameter Set</name>

            <value><![CDATA[My Parameter Set]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Sensitive Content: Social Security Numbers (US)</name>

            <value><![CDATA[false]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Cancel At</name>

            <value><![CDATA[1441557900000]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Target URL</name>

            <value><![CDATA[http://10.10.26.238]]></value>

          </WasScanOption>

        </list>

      </options>

      <launchedDate>2015-09-05T21:25:03Z</launchedDate>

      <launchedBy>

        <id>4354</id>

        <username>acme_ag2</username>

        <firstName><![CDATA[Alan]]></firstName>

        <lastName><![CDATA[Green]]></lastName>

      </launchedBy>

      <status>FINISHED</status>

      <scanDuration>171606</scanDuration>

      <summary>

        <resultsStatus>SCAN_INTERNAL_ERROR</resultsStatus>

        <authStatus>NONE</authStatus>

      </summary>

      <sendMail>true</sendMail>

    </WasScan>

  </data>

</ServiceResponse>

 

Report API

 

Updated XSD: report.xsd

 

For Scorecard Report creation request, you can include scans with the status “Service Errors Detected” by specifying the filters/scanStatus element with the value SERVICE_ERROR.

 

API request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/report" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

  <data>

    <Report>

      <name><![CDATA[My Scorecard Report]]></name>

      <description><![CDATA[A simple scorecard report]]></description>

      <format>PDF</format>

      <type>WAS_SCORECARD_REPORT</type>

      <config>

        <scorecardReport>

          <target>

            <tags>

              <Tag>

                <id>243130</id>

              </Tag>

            </tags>

          </target>

          <display>

            <contents>

              <ScorecardReportContent>DESCRIPTION</ScorecardReportContent>

              <ScorecardReportContent>SUMMARY</ScorecardReportContent>

              <ScorecardReportContent>GRAPHS</ScorecardReportContent>

              <ScorecardReportContent>RESULTS</ScorecardReportContent>

            </contents>

            <graphs>

              <ScorecardReportGraph>VULNERABILITIES_BY_GROUP</ScorecardReportGraph>

              <ScorecardReportGraph>VULNERABILITIES_BY_OWASP</ScorecardReportGraph>

              <ScorecardReportGraph>VULNERABILITIES_BY_WASC</ScorecardReportGraph>

            </graphs>

            <groups>

              <ScorecardReportGroup>GROUP</ScorecardReportGroup>

              <ScorecardReportGroup>OWASP</ScorecardReportGroup>

              <ScorecardReportGroup>WASC</ScorecardReportGroup>

            </groups>

            <options>

              <rawLevels>false</rawLevels>

            </options>

          </display>

          <filters>

            <scanDate>

              <startDate>2014-06-28</startDate>

              <endDate>2014-07-28</endDate>

            </scanDate>

            <scanStatus>SERVICE_ERROR</scanStatus>

            <scanAuthStatus>NONE</scanAuthStatus>

          </filters>

        </scorecardReport>

      </config>

    </Report>

  </data>

</ServiceRequest>
