
API Notifications

151 posts

A new release of Qualys Cloud Platform 2.6 (CertView) includes an updated API which is targeted for release in June 2020. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

What's new
Support for Last Found Date for a Certificate
/certview/v1/getEndpointData
You can now view the last found date of a certificate using the new output parameter lastFound in this API.

A new release of Qualys Cloud Platform 10.1 (PC) includes an updated API which is targeted for release in May 2020. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API. Updated 5/5/20 with updated release notes 

What's new
Oracle Instance Discovery and System Record Creation
/api/2.0/fo/auth/oracle/
This release introduces instance discovery and auto record creation for Oracle authentication. This functionality is already available for other technologies like Apache Web Server, IBM WebSphere, JBoss and Tomcat. There are a few notable differences for Oracle though. When we auto discover Oracle instances, we’ll discover the target configuration for each instance but not the login credentials. We’ve introduced a new configuration called “Oracle System Record Template” that you’ll use to provide Oracle login credentials for system created records. You’ll create the system record template and then select it in the option profile used for discovery scans. The template is linked automatically to the system created records created as a result of the scan.

 

Asset Search Report - Change to Asset Group Value in Output for DNS hosts
/api/2.0/fo/report/asset/?action=search
Now when you run the Asset Search Report for DNS hosts, you’ll see a comma separated list of asset groups the host belongs to. In previous releases you’d only see the All group listed for DNS hosts. The report output will show the associated groups only if the DNS host is found in the asset group specified in the API request.

 

Host-Based Scan Reports to Show Associated Asset Groups Information for Hosts.

/api/2.0/fo/report/
You will now see the list of asset groups associated with each host in the Host-based Scan Report output generated in these formats: CSV, MHT, PDF, HTML, and DOCX. The report in XML format already shows this information.

 

Remediation Information Available in Policy Import and Export of UDCs
/api/2.0/fo/compliance/policy/
You can now import or export remediation information of your UDC policies using an XML file.

 

More Regions Supported for VM, Compliance and Cloud Perimeter Scans
/api/2.0/fo/scan/
/api/2.0/fo/scan/compliance/
/api/2.0/fo/scan/cloud/perimeter/job
/api/2.0/fo/schedule/scan/
It’s now possible to launch a vulnerability scan, compliance scan for EC2 instances or cloud perimeter scan in three new regions: Stockholm, Hong Kong and Bahrain. You need to set the input parameter to the respective region and include it in the scan request.

 

Azure Key Vault Support for Palo Alto Network Firewall Authentication Records
/api/2.0/fo/auth/palo_alto_firewall/?action=list
/api/2.0/fo/auth/palo_alto_firewall/?action=create
/api/2.0/fo/auth/palo_alto_firewall/?action=update
With this release you can create and update authentication records for Palo Alto Network Firewall using the Azure Key Vault. Before creating the authentication record, you need to create the Azure Key Vault record using the Vaults API. See the “Manage Vaults” section in “Chapter 6 - Vault Support” in the Qualys VM/PC API Guide for the list of parameters for creating an Azure Key Vault record.


Network Element Added to Compliance Scan Result Output DTD

/api/2.0/fo/scan/compliance/?action=fetch
We updated the compliance_scan_result_output.dtd to include the Network element in Host Info. You will see this element in the API output when the Network Support feature is enabled.

 

New Support for ARCON PAM (Privilege Access Management) Vault

/api/2.0/fo/vault/index.php/
This new vault type can be used to retrieve authentication credentials from an ARCON PAM vault. We updated the authentication vault API (create, update, list, view) and the authentication record API (create, update, list) to support the new vault type.

 

New Database UDCs for Sybase
/api/2.0/fo/compliance/posture/info/?action=list
/api/2.0/fo/compliance/control/?action=list
/api/2.0/fo/compliance/policy/?action=export
/api/2.0/fo/subscription/option_profile/pc/
With this release you can create, update, list and export Option Profiles for Sybase Database UDCs. We’ve added new elements to the XML output and DTDs for Control List Output, Policy Export Output, Posture Info List Output, Option Profiles, and the ImportableControl.xsd schema.

A new release of Qualys Cloud Platform 10.1 (PC) includes an updated API which is targeted for release in May 2020. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

What's new
New Database UDCs for Sybase
/api/2.0/fo/compliance/posture/info/?action=list
/api/2.0/fo/compliance/control/?action=list
/api/2.0/fo/compliance/policy/?action=export
/api/2.0/fo/subscription/option_profile/pc/
With this release you can create, update, list and export Option Profiles for Sybase Database UDCs. We’ve added new elements to the XML output and DTDs for Control List Output, Policy Export Output, Posture Info List Output, Option Profiles, and the ImportableControl.xsd schema.

A new release of Qualys Cloud Platform 3.0.1.0 (WAS) includes an updated API which is targeted for release in May 2020. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

What's new
WAS API: Set a Default DNS Override for Web Application
/qps/rest/3.0/create/was/webapp
/qps/rest/3.0/update/was/webapp/<id>
/qps/rest/3.0/get/was/webapp/<id>
When creating or updating your web application, you can now set one of the DNS override records assigned to your web application as the default using these APIs. The default DNS override setting is useful when you want to scan multiple web applications using the DNS override option. We will use the default DNS override record that you have set for your web applications to launch scans on them. This functionality is already supported from the WAS UI.

WAS API: Added a New Scan Status "PROCESSING" for WAS Scans
The WAS Scan API output will now show a new status "PROCESSING" for scans whose results are still being processed in WAS. After the scan result is processed, the status of the scan is changed to Finished. This status is already used for scans launched from the WAS UI.

AWS Security Hub Integration
/qps/rest/2.0/add/integration/amazon/securityhub/
/qps/rest/2.0/add/integration/amazon/securityhub/{id}/vm
/qps/rest/2.0/update/integration/amazon/securityhub/{id}
/qps/rest/2.0/update/integration/amazon/securityhub/{id}/vm
/qps/rest/2.0/get/integration/amazon/securityhub/
/qps/rest/2.0/get/integration/amazon/securityhub/vm/
/qps/rest/2.0/get/integration/amazon/securityhub/{id}/vm/
/qps/rest/2.0/delete/integration/amazon/securityhub/{id}
/qps/rest/2.0/delete/integration/amazon/securityhub/{id}/vm
/qps/rest/2.0/delete/integration/amazon/securityhub/{id}/vm/reg
We have now introduced APIs (JSON) to speed up and simplify the integration process with AWS Security Hub. The integration process involves two quick steps: creating the Amazon Security Hub integration and configuring the Amazon Security Hub integration. Once you configure it, you can use it to fetch details, update the existing configuration of Amazon Security Hub, or delete the Amazon Security Hub integration.

A new release of Qualys Cloud Platform 10.0 (VM/PC) includes an updated API which is targeted for release in April 2020. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

 

A note on v10: as part of our new VMDR offering, QWEB (VM/PC) is being pushed to version 10. This release will include these new features and the prior features of 8.22.2 previously announced.

 

What’s New
Thycotic Secret Server Vault Supported in Cisco and Checkpoint Firewall Records
/api/2.0/fo/auth/unix/
Thycotic Secret Server vault is now supported in Cisco and Checkpoint Firewall authentication records. Cisco and Checkpoint Firewall are sub-types of Unix authentication and this vault is already supported in Unix authentication records. There are no DTD changes.

 

Launch/Schedule Vulnerability Scans on FQDNs
/api/2.0/fo/scan/
/api/2.0/fo/schedule/scan/
With this release you can launch and schedule vulnerability scans on Fully Qualified Domain Names (FQDNs). You’ll specify the input parameter “fqdn” during the scan request. This input parameter was previously only supported for CertView type vulnerability scans but now it’s available for all vulnerability scans.

 

Support for PostgreSQL Authentication on Windows Hosts
/api/2.0/fo/auth/postgresql/
The PostgreSQL Authentication API (api/2.0/fo/auth/postgresql/) lets you list, create, update and delete PostgreSQL authentication records. User permissions for this API are the same as other authentication record APIs.

 

New Microsoft SharePoint Authentication API
/api/2.0/fo/auth/microsoft_sharepoint/
Compliance scans now support Microsoft SharePoint authentication on Windows and Database hosts. The new Microsoft SharePoint Authentication API (api/2.0/fo/auth/microsoft_sharepoint/) lets you list, create, update and delete Microsoft SharePoint records. User permissions for this API are the same as other authentication record APIs. Microsoft SharePoint authentication is supported for Microsoft SharePoint versions 2010, 2013, 2016 and 2019.

 

New Pivotal Greenplum Authentication API
/api/2.0/fo/auth/greenplum/
Pivotal Greenplum authentication is now supported for compliance scans on Unix hosts. The new Greenplum Authentication API (api/2.0/fo/auth/greenplum/) lets you list, create, update and delete Greenplum authentication records. User permissions for this API are the same as other authentication record APIs. Authentication is supported for Greenplum versions 5.x and 6.x.

A new release of Qualys Cloud Platform 8.22.2 (VM) includes an updated API which is targeted for release in March 2020. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

 

What's new
Support for PostgreSQL Authentication on Windows Hosts
/api/2.0/fo/auth/postgresql/
The PostgreSQL Authentication API (api/2.0/fo/auth/postgresql/) lets you list, create, update and delete PostgreSQL authentication records. User permissions for this API are the same as other authentication record APIs.

 

New Microsoft SharePoint Authentication API
/api/2.0/fo/auth/microsoft_sharepoint/
Compliance scans now support Microsoft SharePoint authentication on Windows and Database hosts. The new Microsoft SharePoint Authentication API (api/2.0/fo/auth/microsoft_sharepoint/) lets you list, create, update and delete Microsoft SharePoint records. User permissions for this API are the same as other authentication record APIs. Microsoft SharePoint authentication is supported for Microsoft SharePoint versions 2010, 2013, 2016 and 2019.

 

New Pivotal Greenplum Authentication API
/api/2.0/fo/auth/greenplum/
Pivotal Greenplum authentication is now supported for compliance scans on Unix hosts. The new Greenplum Authentication API (api/2.0/fo/auth/greenplum/) lets you list, create, update and delete Greenplum authentication records. User permissions for this API are the same as other authentication record APIs. Authentication is supported for Greenplum versions 5.x and 6.x.

A new release of Qualys Cloud Platform 2.44 (WAS) includes an updated API which is targeted for release in March 2020. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

 

What's new

WAS API: SSL Lab Information Support in WAS
/qps/rest/3.0/get/was/finding/<id>
/qps/rest/3.0/search/was/finding
/qps/rest/3.0/download/was/wasscan/<id>
/qps/rest/3.0/create/was/optionprofile
/qps/rest/3.0/update/was/optionprofile/<id>
We now detect and report SSL/TLS and Certificate related vulnerabilities in WAS.

 

WAS API: Notification for Huge Reports
/qps/rest/3.0/create/was/report
Report creation may sometimes fail if the report is created for a large number of web applications or scans. To avoid such failures, we have now categorized report creation according to the number of web applications or scans being included in the report.

A new release of Qualys Cloud Platform 8.22 (VM/PC) includes an updated API which is targeted for release in December 2019. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

 

12/5/19 NOTE: The Support for SSH Login on VMware ESXi 5.x/6.x Hosts has been removed from this release.  


What's new
Cloud Perimeter Scan API: New Input Parameter to Include Micro and Nano Instances into Scan
/api/2.0/fo/scan/cloud/perimeter/job/
It’s now possible to include micro/nano instances for scanning when launching a Cloud Perimeter scan for EC2 instances.

 

Cloud Perimeter Scan API: New Input Parameter to Include Connector’s Load Balancers into Scan
/api/2.0/fo/scan/cloud/perimeter/job/
You can now specify in the Cloud Perimeter Scan API to include public load balancers from the selected connector in the scan job.

 

Schedule Scans for Policy Compliance
/api/2.0/fo/schedule/scan/compliance
This API provides you the ability to create, update, list, and delete schedule scans for Policy Compliance.

 

Specify Network ID while Creating Virtual Hosts
/api/2.0/fo/asset/vhost/
You can now specify the network_id while creating the Virtual Host through API. Network support must be enabled to specify the network_id. If network support is enabled and you do not provide a network_id, then the Default Global Network is considered. You can specify only one network_id.

 

See 8.22 API release notes.

A new release of Qualys Cloud Platform v2.42 (WAS/AM/SAQ) includes an updated API which is targeted for release in November 2019. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.


What’s New
AWS Asset Data Connector: Support for New Regions
The Asset Management and Tagging API has been updated to support the following new regions:
- GovCloud: us-gov-east-1
- China: cn-northwest-1
- Bahrain: me-south-1

 

Host Asset API: Search IBM assets
The Asset Management and Tagging API has been updated to allow searching for IBM assets in your account.

 

Security Assessment Questionnaire: New Campaign API
Introducing 2 new APIs for SAQ: the Questionnaire Campaign API and the Questionnaire API.

 

Web Application Scanning (WAS): Tag Details in Web App API
With the introduction of a new optional parameter for the Web Applications API, you can now also view the list of tags (and not just the count of tags) associated with the web application.

 

WAS: XSS Payloads Option for Standard Scans
You can now enable comprehensive tests for cross-site scripting vulnerabilities to be executed during our standard scan using the new parameter in the option profile. The comprehensive tests include XSS with an exhaustive set of payloads, including the set of standard payloads. Running a scan with the XSS payloads option enabled in the detection scope of a standard scan will provide the best assurance that your web application is free from XSS vulnerabilities. However, enabling this option leads to a significant increase in the scan time.

 

WAS: New Groups for Information Gathered Issues
Currently, all Information Gathered issues in WAS are grouped together in the report. We have now introduced two new groups for issues of type Information Gathered:
- Diagnostic IG (general information about the scan)
- Weakness IG (issues that are security weaknesses or conflict with best practices)

 

WAS: Cancel Scan with Results Support for Scans
Currently, canceling an unfinished scan on a web application which is in the user’s scope does not return any results. We have now introduced a new parameter <cancelWithResults> that allows you to cancel the scan and still retain results. You can use the scan ID and generate a report to view the results.

 

WAS: Scan Again Support for Scan API
We now provide the option to execute a previous scan again. Identify the scan you want to run again and use the scanagain action. We'll pre-fill the scan settings to match the original scan.

A new release of Qualys Cloud Platform 8.21.6 includes an updated API which is targeted for release in November 2019. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

 

 

 

What’s New

 

New Oracle HTTP Server Authentication API
/api/2.0/fo/auth/
/api/2.0/fo/auth/oracle_http_server/
Oracle HTTP Server authentication is now supported for compliance scans on Unix and Windows. The new Oracle HTTP Server Authentication API (api/2.0/fo/auth/oracle_http_server/) lets you list, create, update and delete Oracle HTTP Server authentication records. User permissions for this API are the same as other authentication record APIs. Note that the API supports authentication record creation only for Oracle Server installed on the respective OS (Unix or Windows).

 

 

Support for File Content Check on Windows
/api/2.0/fo/compliance/posture/info/?action=list
/api/2.0/fo/compliance/control/?action=list
/api/2.0/fo/compliance/policy/?action=export
With this release, you can now configure a File Content Check control to check the contents of a Windows file. Tell us which file you want to evaluate and what you're looking for. We'll return all lines in the file that match. You can specify your file location using any of the path types: Registry Key, File Search, File Path.

 

 

Support for HashiCorp vault in Database Authentication records   
/api/2.0/fo/auth/  
HashiCorp Vault is now supported for the following database authentication records: MySQL, MariaDB, Sybase, PostgreSQL, MongoDB. You can create, update, list, and view authentication credentials from a HashiCorp vault.

 

Updates to Input Parameters for Cloud Perimeter Scan Jobs
/api/2.0/fo/scan/cloud/
It’s now possible to launch a cloud perimeter scan job without specifying the platform, region code, vpc id or asset tags. Multiple input parameters changed from Required to Optional to provide this flexibility. Note - There are no changes to the XML output or DTD.

 

 

 

Sybase Authentication is Now Supported in VM
/api/2.0/fo/auth/sybase/
/api/2.0/fo/subscription/option_profile/
Sybase authentication was already supported for PC and now it’s also supported in VM for vulnerability scanning. Each Sybase record identifies account login credentials, database information and target host IPs for authenticating to Sybase Adaptive Server Enterprise (ASE) instances. How you create and manage Sybase records is the same as previously documented for PC. You can find all the details in the Qualys API (VM/PC) User Guide. 

 

We made updates to the VM option profile API to allow users to enable Sybase authentication for vulnerability scans. You’ll also see Sybase in the XML output when you list/export option profiles with Sybase enabled. Note that there are no DTD changes.

Version changed from 8.22 to 8.21.6

 

A new release of Qualys Cloud Platform 8.21.6 includes an updated API which is targeted for release in November 2019. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.


What’s New
Support for File Content Check on Windows
/api/2.0/fo/compliance/posture/info/?action=list
/api/2.0/fo/compliance/control/?action=list
/api/2.0/fo/compliance/policy/?action=export

With this release you can now configure a File Content Check control to check the contents of a Windows file. Tell us which file you want to evaluate and what you're looking for. We'll return all lines in the file that match. You can specify your file location using any of the path types: Registry Key, File Search, File Path.

A new release of Qualys Cloud Platform v2.41 (WAS/WAF) includes an updated API which is targeted for release in September 2019. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.


What’s New
WAS API: New DNS Override Support
/qps/rest/3.0/get/was/dnsoverride/{id}
/qps/rest/3.0/count/was/dnsoverride/
/qps/rest/3.0/search/was/dnsoverride/
/qps/rest/3.0/create/was/dnsoverride/
/qps/rest/3.0/update/was/dnsoverride/{id}
/qps/rest/3.0/delete/was/dnsoverride/{id}
By default we'll use the DNS for the web application URL to crawl the web app and perform scanning. If you provide a DNS override record through our new API, we'll use the mappings in your record instead.

 

HTTP Profile API: Support for Keeping/Removing Accept Encoding Header Field in Request Header
/qps/rest/2.0/get/waf/httpprofile/<id>
/qps/rest/2.0/search/waf/httpprofile
/qps/rest/2.0/create/waf/httpprofile
/qps/rest/2.0/update/waf/httpprofile
You can now create an HTTP profile for your web application to specify whether WAF retains or removes the Accept Encoding header field in requests. If you choose to retain the Accept Encoding header field, WAF will keep it in requests that contain it while forwarding those requests to your web application. By default, WAF will remove this header field.

 

New API to Search for Security Events
/qps/rest/2.0/search/waf/eventlog
You can now search for security events detected for your web application in the event log using the search filters provided by the Eventlog API.

A new release of Qualys Cloud Platform v8.21.2 (VM/PC) includes an updated API which is targeted for release in September 2019. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.


What’s New
IBM WebSphere App Server and JBoss Server: Instance Discovery, Auto Record Creation and more
/api/2.0/fo/auth/unix/
/api/2.0/fo/auth/windows/
Instance discovery and auto record creation are now supported for IBM WebSphere App Server/JBoss Server (UI and API). As before, a single IBM WebSphere/JBoss record may be used when the same record configuration is replicated across hosts in the record.

 

Compliance Posture API: Parameters added to show fail/pass dates for controls
/api/2.0/fo/subscription/option_profile/pc/
We have added 5 new parameters to the Compliance Posture API to show you the following information in the posture information output: 1) for failed controls, the first and last failed dates; 2) for passed controls, the first and last passed dates; and 3) the previous posture status (failed/passed) for a control.

A new release of Qualys Cloud Platform v8.21 (VM/PC) includes an updated API which is targeted for release in August 2019. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.


What’s New
API Support for New Vault Types for Cisco and Checkpoint
/api/2.0/fo/auth/unix/
We now support a few more vault types as part of authentication record settings for the Unix subtypes Cisco and Checkpoint Firewall. The newly supported vault types for Cisco authentication records are Azure Key and HashiCorp vaults, and the newly supported vault type for Checkpoint Firewall is HashiCorp vault. These vaults are already supported for these authentication types in the UI.

A new release of Qualys Cloud Platform v2.40 (WAS) includes an updated API which is targeted for release in August 2019. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.


What’s New
WAS API: Option to choose all Detections in Option Profile
/qps/rest/3.0/get/was/optionprofile/<id>
/qps/rest/3.0/create/was/optionprofile
/qps/rest/3.0/update/was/optionprofile/<id>
You can now configure the option profile for your scan so that it includes all the WAS-related detections. We have now introduced a new option named "Everything" for the detection scope of the Option Profile that includes every WAS-related detection during the scan.

 

WAS API: Unique ID for Findings
/qps/rest/3.0/get/was/finding/<id>
/qps/rest/3.0/search/was/finding
/qps/rest/3.0/count/was/finding
/qps/rest/3.0/ignore/was/finding
/qps/rest/3.0/activate/was/finding
/qps/rest/3.0/editSeverity/was/finding
/qps/rest/3.0/restoreSeverity/was/finding
/qps/rest/3.0/retest/was/finding
We have now introduced a 36-bit unique ID (uniqueId) for each finding. The ID is unique for every finding. Earlier, the combination of three fields (finding ID, finding type and finding category) made a finding unique. Now, with the implementation of uniqueId, you can easily distinguish every finding.
