Skip navigation

API Notifications

12 Posts authored by: Tim White

A new release of Qualys Cloud Suite, Version 8.7 includes an API update which is targeted soon for release. The specific day will differ depending on the platform.  See platform release dates for more information. This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This 15-day notification describes new API features that do not impact existing API implementations. API changes in this release that may impact existing API implementations were already announced in the 30-day notification: Qualys Cloud Suite 8.7 API Release Notification

 

What’s New

  1. Scan Report List - New Target Element
  2. New Schedule Report API
  3. VM - Easily Identify Vulnerabilities Supported by Module
  4. VM - First Found Date Added to Asset Search Report CSV, XML
  5. VM - Show Detections Updated Since Certain Time
  6. PC - New Exception Management API

 

For more details about the above features – please review the attached release notes.

 

Platform release dates will be published on the Qualys Status page when available.

A new release of Qualys Cloud Suite, Version 2.11 includes an API update which is targeted for release in January.  This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.  The specific day will differ depending on the platform.  Platform release dates will be published on the Qualys Status page when available.

 

This release gives you more ways to integrate your programs and API calls and includes new features for Continuous Monitoring and Asset Management APIs.

 

What's New

 

JSON Support - Qualys Asset Management and Tagging API v2 and the Qualys Continuous Monitoring API now support JSON requests and responses.

 

For details about the changes, please see the attached detailed release notes included below.

A new release of Qualys Cloud Suite, Version 8.7 includes an API update which is targeted for release in January 2016.   The specific day will differ depending on the platform.  See platform release dates for more information. This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes features with changes to XML, CSV output, and/or DTD which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.

 

What's New

  1. Scan Report List - New Target Element
  2. VM - Vulnerability Threat Intelligence Information
  3. VM - Easily Identify Vulnerabilities Supported by Module
  4. VM - First Found Date Added to Asset Search Report CSV, XML

 

Scan Report List - New Target Element

The Scan Report List API (/msp/scan_report_list.php) is used to retrieve a list of saved scan reports in XML format. A new TARGET element in the XML output lists the IP address(es) that were scanned. In previous releases, the target was shown as an attribute of the SCAN_REPORT element.  There are changes to the XML output and DTD.

 

VM - Vulnerability Threat Intelligence Information

We’ve added Real-time Threat Indicators to the vulnerabilities in our KnowledgeBase and you can easily report on them to get threat intelligence information right away.

 

Real-time Threat Indicators are data points collected per vulnerability that contain accurate, timely and actionable information aggregated from multiple reliable data sources, allowing you to prioritize and filter the flood of security alerts.

 

Current Real-time threat indicators include values such as Zero Day, Exploit Public, Active Attacks, High Lateral Movement, Easy Exploit, High Data Loss, Denial of Service, No Patch.

 

Changes are made to the Dynamic Search List API (v2), KnowledgeBase API (v2), and KnowledgeBase Download (v1).  Please review the release notes for details of the changes to the API calls, XML Output, and DTD.

 

VM - Easily Identify Vulnerabilities Supported by Module

Now you can find out what vulnerabilities in our KnowledgeBase are supported by different Qualys modules - VM, Cloud Agent, WAS, WAF and MD. Use the KnowledgeBase Search option to identify vulnerabilities that can be detected by VM scans, Windows Cloud Agent and Linux Cloud Agent plus more. We’ve added a supported modules section to the vulnerability (QID) information, and this is where you’ll see the Qualys modules that may be used to detect each QID.

 

Changes are made to the Dynamic Search List API (v2), KnowledgeBase API (v2), and KnowledgeBase Download (v1).  Please review the release notes for details of the changes to the API calls, XML Output, and DTD.

 

VM - First Found Date Added to Asset Search Report CSV, XML

You can now view the First Found Date of an asset in the same way you download other data of the Asset Search Report.

The report can be downloaded from the Asset Search Report page, or via the Asset Search API (v1).

 

Please review the release notes for details of the changes to the API calls, XML Output, and DTD.

A new release of Qualys Cloud Suite, Version 8.6, includes an API update which is targeted for release in November 2015.

 

This API notification provides an early preview into the upcoming API features and enhancements in Qualys Cloud Suite 8.6, allowing you to proactively identify new opportunities to automate your Qualys service or to integrate with other applications.

 

This 15-day notification describes new API features that do not impact existing API implementations. API changes in the 8.6 release that may impact existing API implementations were already announced in the 30-day notification: Qualys Cloud Suite 8.6 API Release Notification

 

Full release notes will be available to customers on the day of the release.

 

Qualys API Enhancements

 

Select Scanner Appliances using Asset Tags

 

The Scan API v2 (/api/2.0/fo/scan/) has been updated to support the selection of a scanner appliance via tags.  The parameter “scanners_in_tagset” can be used when launching or scheduling a scan using tags via the API.  The Appliance API v2 (/api/2.0/fo/appliance/) parameter "output_mode" can be used to list the asset tags for each scanner.


For more details on the new feature, please review <Qualys Cloud Suite 8.6 New Features blog entry>.

 


Appliance List Output - Running Slices Count

 

We’ve updated the Appliance API v2 (/api/2.0/fo/appliance/) appliance list output to tell you if an appliance is available or busy.  You'll see the new RUNNING_SLICES_COUNT element in the output, a 0 value indicates the appliance is not busy and available.

 


User List Output - Timezone Code

 

The User List v1 API (/msp/user_list.php) user list output now includes the timezone code selected for each user - either the browser’s timezone (Auto) or a user-selected timezone (e.g., US-NY).

 


Scan List Output - Target No Longer Truncated

 

We will now show the full list of target IPs in the output when you make a scan list request. In previous releases, we would truncate the target list after a set number of

characters and show [...] to indicate that it was truncated.

 


VM - Download the KnowledgeBase to CSV, XML

 

You can download the KnowledgeBase in the same way you download other data lists from the UI. Simply choose Download from the New menu when you’re on the KnowledgeBase tab. Then select a file format (CSV or XML). Only the records and columns shown in the UI will be included in the downloaded report.

 


VM - View multiple Oracle instances on a port

 

You’ll see scanned Oracle instances listed separately in scan results, scan reports, host detection results and ticket list output. Note you’ll need to create a separate Oracle authentication record for each of the instances you want to scan.


There are no changes made to API calls or DTDs.

 


VM - Create static search lists

 

Our new Static Search List API (/api/2.0/fo/qid/search_list/static/) lets you create, update, list, and delete static search lists and get detailed information about them.

 


VM - Create dynamic search lists

 

Our new Dynamic Search List API (/api/2.0/fo/qid/search_list/dynamic/) lets you create, update, list, and delete dynamic search lists and get detailed information about them.

 


VM - Vendor IDs and references PC

 

Our new Vendor API (/api/2.0/fo/vendor/) lists vendor IDs and names. This vendor information may be defined as part of dynamic search list query criteria.

 


VM - Display Host Identification Information in Scan Reports

 

When you have cloud agents they’re collecting additional host information. Now you can include more host identification information in your scan reports like IP addresses (IPv4 and IPv6) and the asset ID for each host. This option is available for scan reports in all formats, including XML. The Asset Data Report DTD has been updated. (This information is only available when VM agents are licensed in your account.)

 


PC - Display reference information in reports

With this release you can view the Reference information for controls in Policy Compliance and Compliance Interactive reports. We’ve updated DTDs for Individual Host Compliance Report (individual_host_compliance_report.dtd) and Control Pass/Fail Report (control_pass_fail_report.dtd).

 


A new release of Qualys Cloud Suite, Version 8.6, includes an API update which is targeted for release in October 2015.

 

This API notification provides an early preview into the coming API changes in Qualys 8.6, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes six features with changes to XML, CSV output, and/or DTD which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.  Full release notes will be available to customers on the day of the release.

 

Summary of Changes:

Select Scanner Appliances using Asset Tags - With this release you can use asset tags to select scanner appliances for your scans.  The related scan and schedule API v2 (/api/2.0/fo/scan/, /api/2.0/fo/schedule/scan/, /api/2.0/fo/appliance/) have been updated to support this new feature.  There are several new API requests and related XML output as well as a change to the appliance list output DTD (appliance_list_output.dtd).

 

Appliance List Output - Running Slices Count added - We’ve updated the appliance list output to tell you if an appliance is available or busy.  The Appliance API v2 (api/2.0/fo/appliance/) has been updated along with related XML output.  A new section has been added to the Appliance List Output DTD (appliance_list_output.dtd).

 

User List Output - Timezone Code added - The User List v1 API (/msp/user_list.php) lets you view the users in the subscription. The user list output now includes the timezone code selected for each user - either the browser’s timezone (Auto) or a user-selected timezone (e.g., US-NY). The XML output and User List Output DTD (user_list_output.dtd) have been updated.

 

Scan List Output - Target No Longer Truncated - We will now show the full list of target IPs in the output when you make a scan list request.  The Scan API v2 (/api/2.0/fo/scan/) and related XML output have been updated.

 

VM - Download the KnowledgeBase to CSV, XML - You can download the KnowledgeBase in the same way you download other data lists from the UI.  The output is provided in CSV or XML.

 

PC - Display reference information in reports - With this release you can view the Reference information for controls in Policy Compliance and Compliance Interactive reports. The XML output and several DTDs have updates (individual_host_compliance_report.dtd, control_pass_fail_report.dtd).

A new release of Qualys Cloud Suite, Version 8.5, includes an API update which is targeted for release in August 2015.

 

This API notification provides an early preview into the upcoming API features and enhancements in Qualys Cloud Suite 8.5, allowing you to proactively identify new opportunities to automate your Qualys service or to integrate with other applications.

 

This 15-day notification describes new API features that do not impact existing API implementations. API changes in the 8.5 release that may impact existing API implementations were already announced in the 30-day notification: Qualys Cloud Suite 8.5 API Release Notification.

 

Full release notes will be available to customers on the day of the release.

 

Qualys API Enhancements

 

Improvements for Managing Excluded IPs

 

The Excluded IP API v2 (/api/2.0/fo/asset/excluded_ip/) has been updated to 1) allow users to remove all IPs from the list, 2) allow users to set an expiration date when adding IPs to the list, and 3) show expiration dates in the list output.

 


User API Accepts Time Zone Codes

 

With this release the User API (/msp/user.php) allows you to assign a time zone code to a user account using the new optional parameter “time_zone_code”.

 


Launch Report API Accepts Recipient Groups

 

The Launch Report API has been updated to allow users to notify distribution groups when a report is complete, using the new optional parameter “recipient_group_id”.

 


VM - Create Reports with Non-Running Kernels in Vulnerability Details

 

Several report DTDs have been updated to show vulnerabilities found on a kernel that is not the active running kernel. This option must be selected in the report template.

 


PC - New Tomcat Server Authentication API

 

The new Tomcat Server Authentication API (/api/2.0/fo/auth/tomcat/) lets you to list, create, update and delete Tomcat Server authentication records.

 


PC - Make Policies Active or Inactive

 

Policy status has been added to the XML output returned by the Compliance Policy List API (/api/2.0/fo/compliance/policy/?action=list) and the Export Compliance Policy API (/api/2.0/fo/compliance/policy/?action=export).

A new release of Qualys Cloud Suite, Version 8.5, includes an API update which is targeted for release in July 2015.

 

This API notification provides an early preview into the coming API changes in Qualys 8.5, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes five features with changes to XML and CSV output which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.  Full release notes will be available to customers on the day of the release.

 

Summary of Changes:

Improvements for Managing Excluded IP's - The Excluded IP API v2 (/api/2.0/fo/asset/excluded_ip/) has been updated to 1) allow users to remove all IPs from the list, 2) allow users to set an expiration date when adding IPs to the list, and 2) show expiration dates in the list output.   There are several new API requests and related XML output as well as a change to the IP list output DTD (/api/2.0/fo/asset/excluded_ip/ip_list_output.dtd).

 

Reporting for Vulnerabilities on Non-running Kernels - With this release users can create reports that show non-running kernels in the vulnerability details. This way you can identify vulnerabilities found on a kernel that is not the active running kernel.  We’ve updated the DTDs for the following reports: Asset Data Report, Vulnerability Scorecard Report, Ignored Vulnerabilities Report, Most Prevalent Vulnerabilities Report, Most Prevalent Hosts Report, Scorecard Patch Report.

 

PC - New Tomcat Server Authentication API - The new Tomcat Server Authentication API (/api/2.0/fo/auth/tomcat/) lets you to list, create, update and delete Tomcat Server authentication records.

 

PC - Make Policies Active or Inactive - Each policy in your account will now have a status of Active or Inactive. Your policies are active by default but you can choose to deactivate them, making them unavailable for scanning and reporting. For example, you may want to deactivate a policy that has become out of date. After updating the policy you can make it active again.   We added the policy status to the XML output returned by the Compliance Policy List API v2 (/api/2.0/fo/compliance/policy/?action=list) and updated the related DTDs (/api/2.0/fo/compliance/policy/policy_list_output.dtd,  /api/2.0/fo/compliance/policy/policy_export_output.dtd).

 

SCAP - Evidence added to SCAP Policy CSV Reports - Your SCAP policy reports in CSV format will now show evidence for each rule in your policy. Each rule is listed with the posture for the selected host. By reviewing the evidence you can determine why a rule passed or failed. The evidence content for a rule includes nodes (definitions and test sections) that represent the logic of the rule and the scan tests performed on the host.

A new release of Qualys Cloud Suite, Version 8.4, includes an API update which is targeted for release in April 2015.

 

This API notification provides an early preview into the coming new API features and enhancements in Qualys Cloud Suite 8.4, allowing you to proactively identify new opportunities to automate your Qualys service or to integrate with other applications.

 

This 15-day notification describes new API features that do not impact existing API implementations. API changes in the 8.4 release that may impact existing API implementations were already announced in the 30-day notification: Qualys Cloud Suite 8.4 API Release Notification.

 

Qualys API Enhancements

  • New Scheduled Scan API v2
  • New MySQL Authentication API
  • Appliance List v2 – Secondary Proxy Removed
  • PC – Compliance Scorecard Report XML Updates
  • PC – Import/Export Windows Directory Search UDC
  • CVSS Vectors added to CSV reports
  • Associated Tags added to CSV reports

 

Full release notes will be available to customers on the day of the release.

 

New Scheduled Scan API v2

Our new Scheduled Scan API v2 (/api/2.0/schedule/scan/) supports defining schedules for vulnerability scans. This API delivers improvements to the API v1 (/msp/scheduled_scans.php) and supports scanning targets in multiple network zones.

 

New MySQL Authentication API

The new MySQL Authentication API (/api/2.0/fo/auth/mysql/) lets you to list, create, update and delete MySQL authentication records.

 

Appliance List v2 – Secondary Proxy Removed

We’ve removed the secondary proxy configuration returned by the Scanner Appliance List v2 API (/api/2.0/fo/appliance/?action=list) when the request includes full output (output_mode=full). The appliance list output DTD was updated (/api/2.0/fo/appliance/appliance_list_output.dtd).

 

PC – Compliance Scorecard Report XML Updates

The Compliance Scorecard Report XML includes new elements for control criticality when selected in the report template. The DTD (compliance_scorecard_report.dtd) has several updates.

 

PC – Import/Export Windows Directory Search UDC

You can now import/export Windows directory search user defined controls in XML format. The schema ImportableControl.xsd has been updated.

 

CVSS Vectors added to CSV reports

Vulnerability scan reports in CSV format will now show the CVSS vector for each CVSS Base and Temporal score. The vector is a string of abbreviated metrics and values that describe the components used to calculate the score.

 

Associated Tags added to CSV reports

Vulnerability scan reports in CSV format will show asset tags associated with each host listed in the report. Applicable when your report target includes asset tags and your report template is configured for host based findings (automatic data).

A new release of Qualys Cloud Suite, Version 8.4, includes an API update which is targeted for release in April 2015.

 

This API notification provides an early preview into the coming API changes in Qualys 8.4, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes two features with changes to XML and CSV output which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.  Full release notes will be available to customers on the day of the release.

 

Summary of Changes:

New MySQL Authentication API -  The new MySQL Authentication API (/api/2.0/fo/auth/mysql/) lets you to list, create, update and delete MySQL authentication records. User permissions for this API are the same as other authentication record APIs.

 

Appliance List v2 API - Secondary Proxy Removed - We’ve removed the secondary proxy configuration returned by the Scanner Appliance List v2 API (/api/2.0/fo/appliance/?action=list) when the request includes full output (output_mode=full). The appliance list output DTD was updated (/api/2.0/fo/appliance/appliance_list_output.dtd).

A new release of Qualys Cloud Suite, Version 8.3, includes an API update which is targeted for release in December 2014.

 

This API notification provides an early preview into the coming API changes in Qualys Cloud Suite 8.3, allowing you to proactively identify new opportunities to automate your Qualys service or to integrate with other applications.


Please review the attached document below for more details about the 8.3 API Features.

 

Full release notes will be available to customers on the day of the release.

 

API Enhancements

New Authentication Vault API v2: The new Vault API (/api/2.0/fo/vault) allows you to manage authentication vaults for authentication records that use them. Using this API you can list vaults, create new vaults, update and view vault settings, and delete vaults. Permissions: Managers, Unit Managers and Scanners can view vaults and their settings. Managers can perform more functions (create, update, delete). Unit Managers can perform these functions if they are granted the permission "Create/edit authentication records/vaults".

 

What is the <baseurl>?

This is the API server URL where your Qualys account is located. For an account on US Platform 1, this is <qualysapi.qualys.com>; on US Platform 2, this is <qualysapi.qg2.apps.qualys.com>; on EU Platform, this is <qualysapi.qualys.eu>.

A new release of Qualys, Version 8.2, includes an API update which is targeted for release in October 2014.

 

This API notification provides an early preview into the coming API changes in Qualys 8.2, allowing you to proactively identify new opportunities to automate your Qualys service or to integrate with other applications.  Qualys 8.2 includes some modifications to existing APIs that required 30 day notification that can be viewed at Qualys 8.2 API Release Notification.

 

Please review the attached document below for more details about the 8.2 API Features.

 

Full release notes will be available to customers on the day of the release.

 

API Enhancements

Manage Excluded Hosts via API: You can now manage IP's in the global exclusion list via the API.  This will allow you to sync data with external systems such as CMDB's to identify hosts to exclude from scans.

 

Update Asset Groups Assigned to Compliance via API: You can now manage asset groups assigned to Qualys Policy Compliance (PC) policies via the API.  This allows customers to sync Qualys policy assignments to align with internal systems such as risk management systems.

 

Access Audit Scan Times and Live Hosts per Scan Level via API: The scan list v2 output now tells you the duration for each scan, the time it took for the scan to complete, in the new DURATION elements. This helps you to audit scan times. You’ll see scan duration for vulnerability scans (using/api/2.0/fo/scan/?action=list) and compliance scans (using /api/2.0/fo/scan/?action=list). Any scan that is not finished (for example in the queued or running state) will have its duration set to “Pending”.

 

Network ID Attribute Added: We've added the attribute "network_id" to network elements in the scheduled scans v1 output returned by the Scheduled Scans v1 API.

 

Max Capacity Units available via API: We've added the MAX_CAPACITY_UNITS element in the Scanner Appliance List v2 API allowing you to determine percentage of capacity available programmatically.

 

Manage VLANs and Static Routes for Virtual Appliances: You can now manage your VLANs and static routes for virtual scanner appliances via the Scanner Appliance v2 API.

 

Show Asset Group ID's in CSV:  Now you can easily find the IDs for your asset groups in the CSV report output.

 

Include "Vulnerability Severity" in detection API Output: We’ve added the vulnerability severity level to the XML output returned by the Host Detection API v2.

 

Policy Compliance - Support for EC2 Scanning:  Now we support launching EC2 compliance scans on your Amazon EC2 hosts (in your Amazon Web Services account) using the PC Scan API v2.

 

 

What is the <baseurl>?

This is the API server URL where your Qualys account is located. For an account on US Platform 1, this is <qualysapi.qualys.com>; on US Platform 2, this is <qualysapi.qg2.apps.qualys.com>; on EU Platform, this is <qualysapi.qualys.eu>.

A new release of Qualys, Version 8.2, includes an API update which is targeted for release in October 2014.

 

This API notification provides an early preview into the coming API changes in Qualys 8.2, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release implements new capabilities for Control Criticality ratings in Qualys Policy Compliance.  It includes several changes to XML and CSV output which could impact existing API implementations.  There are also two new optional parameters for the posture API’s that will not impact existing implementations.  Notification about other new API features along with additional details and examples will be posted at a date prior to the release.

 

Control Criticality is a new feature in Policy Compliance that provides ratings for controls, including the ability to customize ratings at the control level or at the policy.  The API has been updated to include these data in API output.

 

Note: Control Criticality must be enabled in your account. By default, control criticality will not be enabled while we are updating the default criticality settings in the control library.  If you are interested in this feature immediately, please contact Support or your Technical Account Manager.

 

For details about the changes, please see the attached detailed release notification below.  Full release notes will be available to customers on the day of the release.

 

Summary of Changes:

  • There are two new optional parameters added to the Compliance Posture Information API v2: criticality_labels, criticality_values.
  • Control Criticality has been added to the following reports when downloaded to XML or CSV formats from the Report Share API or from the user interface: Compliance Policy Report, Individual Host Report
  • CRITICALITY element was added to the following output DTD's
    • posture info list output DTD  (/api/2.0/fo/compliance/posture/info/posture_info_list_output.dtd)
    • control list output DTD (/api/2.0/fo/compliance/control/control_list_output.dtd)
    • policy list output DTD  (/api/2.0/fo/compliance/policy/policy_list_output.dtd)
    • policy export output DTD (/api/2.0/fo/compliance/policy/policy_export_output.dtd)
    • compliance policy report DTD  (compliance_policy_report.dtd)
    • individual host compliance report DTD  (individual_host_compliance_report.dtd)
  • Control Criticality has been added to the XML output returned by:
    • Compliance Control List API v2 (/api/2.0/fo/compliance/control/?action=list)
    • Compliance Policy List API v2 (/api/2.0/fo/compliance/policy/?action=list)
    • Import Compliance Policy API v2 (/api/2.0/fo/compliance/policy/?action=import)
    • Export Compliance Policy API v2 (/api/2.0/fo/compliance/policy/?action=export
  • CRITICALITY element has been added to the user defined control XML schema (ImportableControl.xsd) used to import and export user defined controls from the UI.

Filter Blog

By date: By tag: