A new release of Qualys Cloud Suite, Version 8.12, this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC), includes an updated API which is targeted for release in January 2018. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API. Please refer to the detailed release notes attached to this notification for more information.
Dynamic Search List API - Support for CPE Type /api/2.0/fo/qid/search_list/dynamic/
The Dynamic Search List API lets you create/update dynamic search lists and get information about them. We’ve added API support for CPE “part” values (Operating System, Application, Hardware) in dynamic search lists, allowing you to target specific vulnerabilities for sending to the appropriate remediation teams.
Asset Group List Output - DTD Change
The Asset Group List Output DTD is used when you list the asset groups in your account. We’ve made several changes to this DTD.
Compliance Authentication Report - DTD Change /api/2.0/fo/report with action=fetch
The Compliance Authentication Report DTD is used when you download a saved authentication report from your account. We’ve made updates to this DTD to add missing elements that resulted in validation errors.
Support for CertView scans (coming soon!)
We’ve made updates to the Scan API to support CertView scans when CertView GA is released (keep in mind CertView scans are not supported at this time).
Scan List API /api/2.0/fo/scan/?action=list
Launch Scan API /api/2.0/fo/schedule/scan/?action=launch
Schedule Scan API /api/2.0/fo/schedule/scan/?action=create
Add Asset API /api/2.0/fo/asset/ip/?action=add
A new release of Qualys Cloud Suite, Version 2.31, includes an updated API which is targeted for release in January 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.
New Way to Track API usage
You can now track API usage by a user without the need to provide user credentials such as the username and password.API usage can be tracked using the X-Powered-By HTTP header which includes a unique ID generated for each subscription and a unique ID generated for each user. Once enabled, the X-Powered-By HTTP header is returned for each API request made by a user. Note: This functionality should now be available platform wide.
CA - Activate / Deactivate FIM and IOC modules for an agent /qps/rest/2.0/activate/am/asset/
You can now activate or deactivate FIM and IOC modules for an agent through a single API request.
AWS Asset Data Connector API - Support for China Region /qps/rest/2.0/create/awsassetdataconnector
Now you can easily scan EC2 instances included in the AWS China region for vulnerabilities and policy compliance using the Qualys Cloud Platform. You can create/update EC2 connectors to pull instance info from the China region, activate discovered instances for the VM, PC or SCA module, and scan them using our EC2 scan workflow.